wangyu- / udp2raw

A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls (or Unstable UDP Environment)
MIT License

(re)sent tcp syn loop wireguard #543

Open dxwil opened 4 days ago

dxwil commented 4 days ago

I am trying to set up udp2raw with wireguard. I have it run as a PreUp command on my client.

This is the log:

[2024-11-08 23:21:25][INFO]argc=10 udp2raw_mp -c -l 0.0.0.0:51821 -r REDACTED:4440 -k labas --raw-mode faketcp 
[2024-11-08 23:21:25][INFO]parsing address: 0.0.0.0:51821
[2024-11-08 23:21:25][INFO]its an ipv4 adress
[2024-11-08 23:21:25][INFO]ip_address is {0.0.0.0}, port is {51821}
[2024-11-08 23:21:25][INFO]parsing address: REDACTED:4440
[2024-11-08 23:21:25][INFO]its an ipv4 adress
[2024-11-08 23:21:25][INFO]ip_address is {REDACTED}, port is {4440}
[2024-11-08 23:21:25][INFO]important variables: log_level=4:INFO raw_mode=faketcp cipher_mode=aes128cbc auth_mode=md5 key=labas local_addr=0.0.0.0:51821 remote_addr=REDACTED:4440 socket_buf_size=1048576 
[2024-11-08 23:21:25][WARN]you can run udp2raw with non-root account for better security. check README.md in repo for more info.
[2024-11-08 23:21:25][INFO]remote_ip=[REDACTED], make sure this is a vaild IP address
[2024-11-08 23:21:25][INFO]const_id:363a2a34
[2024-11-08 23:21:25][INFO]--dev have not been set, trying to detect automatically, avaliable deives:
[2024-11-08 23:21:25][INFO]avaliable deives(device name: ip address ; description):
en0: [fe80::870:8c5c:d440:3aec] [192.168.88.62] [fd6a:be0:1e2a:14d:c09:99d4:5dce:cc71]; (no description avaliable)
awdl0: [fe80::ca2:5ff:fece:1873]; (no description avaliable)
llw0: [fe80::ca2:5ff:fece:1873]; (no description avaliable)
utun0: [fe80::77f8:6635:d763:80bb]; (no description avaliable)
utun1: [fe80::608b:cbd1:ab33:6fab]; (no description avaliable)
utun2: [fe80::82d1:163d:7cfc:2f47]; (no description avaliable)
utun3: [fe80::ce81:b1c:bd2c:69e]; (no description avaliable)
utun4: [fe80::4cd5:d6a1:86c1:fdeb]; (no description avaliable)
utun5: [fe80::b7a:1fd6:a797:9bcc]; (no description avaliable)
utun6: [no ip found]; (no description avaliable)
lo0: [127.0.0.1] [::1] [fe80::1]; (no description avaliable)
anpi2: [no ip found]; (no description avaliable)
anpi1: [no ip found]; (no description avaliable)
anpi0: [no ip found]; (no description avaliable)
en4: [no ip found]; (no description avaliable)
en5: [no ip found]; (no description avaliable)
en6: [no ip found]; (no description avaliable)
en1: [no ip found]; (no description avaliable)
en2: [no ip found]; (no description avaliable)
en3: [no ip found]; (no description avaliable)
bridge0: [no ip found]; (no description avaliable)
gif0: [no ip found]; (no description avaliable)
stf0: [no ip found]; (no description avaliable)
ap1: [no ip found]; (no description avaliable)
[2024-11-08 23:21:25][INFO]using device:[en0], ip: [192.168.88.62]
[2024-11-08 23:21:25][INFO]source_addr is now 192.168.88.62
[2024-11-08 23:21:25][INFO]using port 20459
[2024-11-08 23:21:25][INFO]filter expression is [ip and tcp and src REDACTED and src port 4440 and dst port 20459]
[2024-11-08 23:21:25][INFO]breakloop() succeed after 4 attempt(s)
[2024-11-08 23:21:25][INFO]state changed from client_idle to client_tcp_handshake
[2024-11-08 23:21:25][INFO](re)sent tcp syn
[2024-11-08 23:21:26][INFO]state changed from client_tcp_handshake to client_handshake1
[2024-11-08 23:21:26][INFO](re)sent handshake1
[2024-11-08 23:21:28][INFO](re)sent handshake1
[2024-11-08 23:21:29][INFO](re)sent handshake1
[2024-11-08 23:21:30][INFO](re)sent handshake1
[2024-11-08 23:21:31][INFO](re)sent handshake1
[2024-11-08 23:21:32][INFO]state back to client_idle from client_handshake1

THIS IS WHEN THE WIREGUARD CONNECTION STARTS

[2024-11-08 23:21:32][INFO]source_addr is now 10.8.0.2
[2024-11-08 23:21:32][INFO]using port 20946
[2024-11-08 23:21:32][INFO]filter expression is [ip and tcp and src REDACTED and src port 4440 and dst port 20946]
[2024-11-08 23:21:32][INFO]breakloop() succeed after 2 attempt(s)
[2024-11-08 23:21:32][INFO]state changed from client_idle to client_tcp_handshake
[2024-11-08 23:21:32][INFO](re)sent tcp syn
[2024-11-08 23:21:33][INFO](re)sent tcp syn
[2024-11-08 23:21:34][INFO](re)sent tcp syn
[2024-11-08 23:21:36][INFO](re)sent tcp syn
[2024-11-08 23:21:37][INFO](re)sent tcp syn
[2024-11-08 23:21:37][INFO]state back to client_idle from client_tcp_handshake
[2024-11-08 23:21:38][INFO]source_addr is now 10.8.0.2
[2024-11-08 23:21:38][INFO]using port 17037
[2024-11-08 23:21:38][INFO]filter expression is [ip and tcp and src REDACTED and src port 4440 and dst port 17037]
[2024-11-08 23:21:38][INFO]breakloop() succeed after 3 attempt(s)
[2024-11-08 23:21:38][INFO]state changed from client_idle to client_tcp_handshake
[2024-11-08 23:21:38][INFO](re)sent tcp syn
[2024-11-08 23:21:39][INFO](re)sent tcp syn
[2024-11-08 23:21:40][INFO](re)sent tcp syn
[2024-11-08 23:21:41][INFO](re)sent tcp syn
[2024-11-08 23:21:42][INFO](re)sent tcp syn

If I instead run udp2raw manually without starting wireguard, it connects successfully and says client_ready, but as soon as I then start wireguard it says source_addr is now 10.8.0.2 and starts the tcp syn loop.

Client: sudo udp2raw_mp -c -l 0.0.0.0:51821 -r REDACTED:4440 -k "labas" --raw-mode faketcp > /var/log/VersmiuTCP.log 2>&1 &

Server: udp2raw -s -l 0.0.0.0:4440 -r 127.0.0.1:51820 -k "labas" --raw-mode faketcp -a > udp2raw.log 2>&1 &

My server is inside a proxmox vm, which might have something to do with NAT or Bridge network setup. But the client connects without starting wireguard so that makes me think that the vm is not the issue.

Wireguard config client

[Interface]
PrivateKey = 
Address = 10.8.0.2/24
DNS = 1.1.1.1
MTU = 1280
PreUp = sudo udp2raw_mp -c -l 0.0.0.0:51821 -r REDACTED:4440 -k "labas" --raw-mode faketcp > /var/log/VersmiuTCP.log 2>&1 &
PostDown = sudo killall udp2raw_mp

[Peer]
PublicKey = 
PresharedKey = 
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 0
Endpoint = 127.0.0.1:51821
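
A way to read the symptom out of the client log, as an added example that is not part of the original issue or of the udp2raw project: it splits the log into connection attempts at each `source_addr is now` line and flags attempts whose source address lies inside the WireGuard interface network (`Address = 10.8.0.2/24` above) and that never reached `client_ready`. The function names are chosen here for illustration, and the sample is excerpted from the log in the post.

```python
import ipaddress
import re

# Lines excerpted from the client log in the post above.
SAMPLE_LOG = """\
[2024-11-08 23:21:25][INFO]source_addr is now 192.168.88.62
[2024-11-08 23:21:25][INFO](re)sent tcp syn
[2024-11-08 23:21:26][INFO]state changed from client_tcp_handshake to client_handshake1
[2024-11-08 23:21:32][INFO]state back to client_idle from client_handshake1
[2024-11-08 23:21:32][INFO]source_addr is now 10.8.0.2
[2024-11-08 23:21:32][INFO]state changed from client_idle to client_tcp_handshake
[2024-11-08 23:21:32][INFO](re)sent tcp syn
[2024-11-08 23:21:33][INFO](re)sent tcp syn
[2024-11-08 23:21:37][INFO]state back to client_idle from client_tcp_handshake
"""

LINE = re.compile(r"^\[([^\]]+)\]\[\w+\](.*)$")
SRC = re.compile(r"source_addr is now (\S+)")
STATE = re.compile(r"state (?:changed from \S+ to|back to) (\S+)")
# Only the client states named in the post; any other state name is ignored.
RANK = {"client_idle": 0, "client_tcp_handshake": 1,
        "client_handshake1": 2, "client_ready": 3}

def attempts(log_text, tunnel_cidr):
    """Split the log into attempts, one per 'source_addr is now' line."""
    tunnel = ipaddress.ip_network(tunnel_cidr, strict=False)
    out, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # device-list lines and free text carry no timestamp
        ts, msg = m.groups()
        if (src := SRC.search(msg)):
            addr = ipaddress.ip_address(src.group(1))
            cur = {"since": ts, "source": str(addr), "in_tunnel": addr in tunnel,
                   "syn_sent": 0, "furthest": "client_idle"}
            out.append(cur)
        elif cur is not None and "(re)sent tcp syn" in msg:
            cur["syn_sent"] += 1
        elif cur is not None and (st := STATE.search(msg)) and st.group(1) in RANK:
            cur["furthest"] = max(cur["furthest"], st.group(1), key=RANK.get)
    return out

def captured_by_tunnel(log_text, tunnel_cidr):
    """Attempts sourced from the tunnel network that never reached client_ready."""
    return [a for a in attempts(log_text, tunnel_cidr)
            if a["in_tunnel"] and a["furthest"] != "client_ready"]
```

For the full log, pass the contents of the log file and the `Address` value from the WireGuard config. A flagged attempt means udp2raw's FakeTCP packets to the server are leaving with the tunnel address as their source, which is consistent with the full-tunnel `AllowedIPs = 0.0.0.0/0, ::/0` setting in the config.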