erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

M1 macbook cannot use wstunnel with wireguard #263

Open fragrant1001 opened 2 weeks ago

fragrant1001 commented 2 weeks ago

OS: m1 mac
version: 9.3.0

log:

```
/opt/homebrew/etc/wireguard/wstunnel client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://s.s.s:443
2024-04-29T07:10:08.737456Z INFO wstunnel::udp: Starting UDP server listening cnx on 127.0.0.1:51820 with cnx timeout of 0s
2024-04-29T07:10:08.737774Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 64 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737843Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737847Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 32 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737850Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737852Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 16 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737855Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737885Z WARN wstunnel::udp: Cannot increase UDP server recv buffer to 8 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737889Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737892Z INFO wstunnel::udp: Increased UDP server recv buffer to 4 Mib
2024-04-29T07:10:08.737895Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 64 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737897Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737964Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 32 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737971Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737975Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 16 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737978Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.737981Z WARN wstunnel::udp: Cannot increase UDP server send buffer to 8 Mib: No buffer space available (os error 55)
2024-04-29T07:10:08.737984Z WARN wstunnel::udp: This is not fatal, but can lead to packet loss if you have too much throughput. You must monitor packet loss in this case
2024-04-29T07:10:08.738019Z INFO wstunnel::udp: Increased UDP server send buffer to 4 Mib
2024-04-29T07:10:20.658377Z INFO wstunnel::udp: New UDP connection from 127.0.0.1:53516
2024-04-29T07:10:20.660640Z INFO wstunnel::tcp: Opening TCP connection to aws.kithrt.site:443
2024-04-29T07:10:20.820715Z INFO wstunnel::tls: Doing TLS handshake using SNI DnsName("s.s.s") with the server s.s.s:443
```

After this command I get those mention, and I can ping myself with the wireguard internal ip.

```
-> % ping 10.10.10.3
PING 10.10.10.3 (10.10.10.3): 56 data bytes
64 bytes from 10.10.10.3: icmp_seq=0 ttl=63 time=213.034 ms
64 bytes from 10.10.10.3: icmp_seq=1 ttl=63 time=226.275 ms
^C
--- 10.10.10.3 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
```

But I can not ping 10.10.10.1

```
-> % ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
^C
--- 10.10.10.1 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
```

But I can use wstunnel with wireguard in ubuntu 22.04 very good and stable.

```
root@dockerC:~/wg-easy# ping 10.10.10.2
PING 10.10.10.2 (10.10.10.2) 56(84) bytes of data.
64 bytes from 10.10.10.2: icmp_seq=1 ttl=63 time=196 ms
64 bytes from 10.10.10.2: icmp_seq=2 ttl=63 time=202 ms
64 bytes from 10.10.10.2: icmp_seq=3 ttl=63 time=196 ms
^C
--- 10.10.10.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2100ms
rtt min/avg/max/mdev = 195.732/197.953/202.032/2.887 ms
root@dockerC:~/wg-easy# ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=64 time=89.5 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=64 time=95.0 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=64 time=113 ms
^C
--- 10.10.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2101ms
rtt min/avg/max/mdev = 89.521/99.303/113.439/10.238 ms
```

You can see this log of ping.

erebe commented 2 weeks ago

Hello, can you share your wireguard client configuration?

I suppose you have set your Allowed ip to 0.0.0.0/0? If yes, be sure to have set a static route to your server or use https://github.com/erebe/wstunnel/issues/252#issuecomment-2030281446 to define your Allowed ip

https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel-
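
As an added example (not from the wstunnel project or from this thread): a sketch that checks a wg-quick config for the loop described in the comment above, where AllowedIPs also covers the wstunnel server's own address, and computes an AllowedIPs list that leaves that address out. The server IP `203.0.113.10` and the sample config are constructed, and excluding the address is assumed here as one way to "define your Allowed ip".

```python
import ipaddress

# Constructed sample config (keys omitted), modelled on the setup in this thread.
SAMPLE_CONF = """\
[Interface]
Address = 10.10.10.3/24

[Peer]
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:51820
"""

def peer_allowed_ips(conf_text):
    """Return the IPv4 networks listed under AllowedIPs in [Peer] sections."""
    nets, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "peer" and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() == "allowedips":
                for item in value.split(","):
                    net = ipaddress.ip_network(item.strip(), strict=False)
                    if net.version == 4:
                        nets.append(net)
    return nets

def allowed_ips_without(nets, server_ip):
    """Split every network that covers server_ip so the TCP connection
    carrying the tunnel is not itself routed into WireGuard."""
    server = ipaddress.ip_network(server_ip)          # a /32
    result = []
    for net in nets:
        if server.subnet_of(net):
            result.extend(net.address_exclude(server))
        else:
            result.append(net)
    return sorted(result)

def check(conf_text, server_ip):
    """Return (covers_server, AllowedIPs with the server address removed)."""
    nets = peer_allowed_ips(conf_text)
    covers = any(ipaddress.ip_address(server_ip) in n for n in nets)
    return covers, allowed_ips_without(nets, server_ip)

if __name__ == "__main__":
    covers, fixed = check(SAMPLE_CONF, "203.0.113.10")  # constructed server IP
    print("AllowedIPs covers the wstunnel server:", covers)
    print("AllowedIPs =", ", ".join(str(n) for n in fixed))
```
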

fragrant1001 commented 2 weeks ago

> Hello, can you share your wireguard client configuration?
>
> I suppose you have set your Allowed ip to 0.0.0.0/0? If yes, be sure to have set a static route to your server or use #252 (comment) to define your Allowed ip
>
> https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel-


These are my client configurations.

on m1 mac:

```
-> % cat wss.conf
[Interface]
PrivateKey = asasasasasasas01
Address = 10.10.10.3/24
DNS = 8.8.8.8,114.114.114.114,233.5.5.5

Table = off
PreUp = /opt/homebrew/etc/wireguard/wstunnel930 client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://a.a.a:443 > /opt/homebrew/etc/wireguard/wstunnel.log 2>&1 &
PreDown = kill $(ps -ef | grep '[w]stunnel' | awk '{print $2}') 2>&1 &

[Peer]
PublicKey = asasasasasasas02
PresharedKey = asasasasasasas03
AllowedIPs = 10.10.10.0/24
PersistentKeepalive = 25
Endpoint = 127.0.0.1:51820
```

On Ubuntu 22.04:

```
root@ubuntu:/etc/wireguard# cat wss.conf
[Interface]
PrivateKey = xxxxxxxxxx01
Address = 10.10.10.2/24
DNS = 8.8.8.8,114.114.114.114,233.5.5.5

Table = off
PreUp = /root/wg-easy/wstunnel client -L 'udp://51820:localhost:51820?timeout_sec=0' wss://s.s.s:443 >/root/wg-easy/wstunnel.log 2>&1 &

[Peer]
PublicKey = xxxxxxxxxx02
PresharedKey = xxxxxxxxxx03
AllowedIPs = 10.10.10.0/24
PersistentKeepalive = 25
Endpoint = 127.0.0.1:51820
```

Almost the same configuration.

But as I said before, I can ping the gateway on ubuntu, but with my m1 mac I cannot ping the gateway.

On m1:

```
-> % ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
^C
--- 10.10.10.1 ping statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss
```

On ubuntu:

```
root@ubuntu:~/wg-easy# ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data.
64 bytes from 10.10.10.1: icmp_seq=1 ttl=64 time=74.6 ms
64 bytes from 10.10.10.1: icmp_seq=2 ttl=64 time=74.7 ms
64 bytes from 10.10.10.1: icmp_seq=3 ttl=64 time=74.3 ms
^C
--- 10.10.10.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 74.347/74.555/74.726/0.157 ms
```

Anyway, thanks for your answer.