search

rajannpatel / Pi-Hole-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-Wireguard-VPN-Configs

Run your own privacy-first ad blocking service at home, or in the cloud for free with Google Cloud Services.
MIT License
743 stars 77 forks source link

wireguard protocol obfuscation with shadowsocks #17

Open rajannpatel opened 4 years ago

rajannpatel commented 4 years ago

Came across some interesting information courtesy of Yegor Ievlev:

Recently there was discussion about obfuscation to avoid restrictive firewalls. The conclusion apparently was that WG devs should add support for pluggable transports. This is a good idea, but for now you can just use shadowsocks-libev:

On server:

ss-server -s 0.0.0.0 -s ::0 -p 443 -k shadowsocks-password -m aes-128-gcm -U # change to lowercase u if you want to be able to connect to the server over TCP too.

On client:

ss-tunnel -s shadowsocks-server -p 443 -l 51820 -L wireguard-server:51820 -k shadowsocks-password -m aes-128-gcm -U

Connect WireGuard to 127.0.0.1:51820. Done.

It's worth experimenting with Shadowsocks to bypass restrictive firewalls that block Wireguard traffic, and improving this guide/bash script to include these enhancements.

AnonymousWebHacker commented 2 years ago

https://lists.zx2c4.com/pipermail/wireguard/2019-January/003809.html