Fedora: WStunnel & Wireguard conflicting ports #367

Open
Maddox-Werts opened this issue Oct 10, 2024 · 5 comments
@Maddox-Werts

Describe the bug

After I start WStunnel, I attempt to enable my modified Wireguard config in Network Manager (I use GNOME with Network Manager). When clicking the enable toggle for the Wireguard profile that has its endpoint set to localhost:51820, it immediately shuts off. When trying to start the Wireguard profile first, and then WStunnel, WStunnel returns the following error:

Error: Cannot start UDP server on 127.0.0.1:51820

Caused by:
    0: Cannot create UDP server 127.0.0.1:51820
    1: Address in use (os error 98)

To Reproduce

  1. Import Wireguard Profile with endpoint set to localhost:51820
  2. Start WStunnel with: clear; sudo ./wstunnel client -L 'udp://51820:[VPN LOCAL IP]:51820?timeout_sec=0' wss://[WSTUNNEL PUBLIC IP]:8443
  3. Attempt to turn on Wireguard Profile.

Expected behavior

Like on Windows, I expected Wireguard to work and send traffic to localhost:51820 (WStunnel Server), but it instead errors out.

Your wstunnel setup

Paste your logs of wstunnel, started with --log-lvl=DEBUG, and with the command line used

  • client:
User$ clear; sudo ./wstunnel client -L 'udp://51820:[VPN LOCAL IP]:51820?timeout_sec=0' wss://[WSTUNNEL PUBLIC IP]:8443
Error: Cannot start UDP server on 127.0.0.1:51820

Caused by:
   0: Cannot create UDP server 127.0.0.1:51820
   1: Address in use (os error 98)
  • server: N/A

Desktop (please complete the following information):

  • OS: Fedora Linux 40 (Workstation Edition) x86_64
@Mellowchan

Hello,

could you please check if the port 51820 is not already taken before you start wstunnel?

ss -tunlp

Can you also please post your wireguard configuration and possibly try testing with wg-quick directly?

@Maddox-Werts
Author

Hi there, I don't use wg-quick, however, I can attempt to use that instead. Gnome usually allows me to import VPN Profiles and it has its own Wireguard compatibility.

As for the first question, I get the following:

W/O Wireguard, W/O WStunnel

Netid         State           Recv-Q          Send-Q                                         Local Address:Port                    Peer Address:Port         Process                                  
udp           UNCONN          0               0                                                    0.0.0.0:48774                        0.0.0.0:*             users:(("wsdd",pid=5954,fd=8))          
udp           UNCONN          0               0                                                 127.0.0.54:53                           0.0.0.0:*                                                     
udp           UNCONN          0               0                                              127.0.0.53%lo:53                           0.0.0.0:*                                                     
udp           UNCONN          0               0                                             192.168.93.236:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=9))          
udp           UNCONN          0               0                                            239.255.255.250:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=7))          
udp           UNCONN          0               0                                                    0.0.0.0:46068                        0.0.0.0:*                                                     
udp           UNCONN          0               0                                                    0.0.0.0:5353                         0.0.0.0:*                                                     
udp           UNCONN          0               0                                                    0.0.0.0:5355                         0.0.0.0:*                                                     
udp           UNCONN          0               0                                                          *:35013                              *:*             users:(("wsdd",pid=5954,fd=14))         
udp           UNCONN          0               0                                                       [::]:51607                           [::]:*                                                     
udp           UNCONN          0               0                        [fe80::f4ba:821:e113:9264]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=15))         
udp           UNCONN          0               0                                         [ff02::c]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=13))         
udp           UNCONN          0               0                                                       [::]:5353                            [::]:*                                                     
udp           UNCONN          0               0                                                       [::]:5355                            [::]:*                                                     
tcp           LISTEN          0               4096                                           127.0.0.53%lo:53                           0.0.0.0:*                                                     
tcp           LISTEN          0               10                                                   0.0.0.0:27500                        0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                                 0.0.0.0:5355                         0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                              127.0.0.54:53                           0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                               127.0.0.1:631                          0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                                   [::1]:631                             [::]:*                                                     
tcp           LISTEN          0               4096                                                    [::]:5355                            [::]:*     

W/ Wireguard, W/O WStunnel

Netid         State           Recv-Q          Send-Q                                         Local Address:Port                    Peer Address:Port         Process                                  
udp           UNCONN          0               0                                                    0.0.0.0:47361                        0.0.0.0:*             users:(("wsdd",pid=5954,fd=11))         
udp           UNCONN          0               0                                                    0.0.0.0:48774                        0.0.0.0:*             users:(("wsdd",pid=5954,fd=8))          
udp           UNCONN          0               0                                                 127.0.0.54:53                           0.0.0.0:*                                                     
udp           UNCONN          0               0                                              127.0.0.53%lo:53                           0.0.0.0:*                                                     
udp           UNCONN          0               0                                                    0.0.0.0:51820                        0.0.0.0:*                                                     
udp           UNCONN          0               0                                                172.16.10.2:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=12))         
udp           UNCONN          0               0                                            239.255.255.250:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=10))         
udp           UNCONN          0               0                                             192.168.93.236:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=9))          
udp           UNCONN          0               0                                            239.255.255.250:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=7))          
udp           UNCONN          0               0                                                    0.0.0.0:46068                        0.0.0.0:*                                                     
udp           UNCONN          0               0                                                    0.0.0.0:5353                         0.0.0.0:*                                                     
udp           UNCONN          0               0                                                    0.0.0.0:5355                         0.0.0.0:*                                                     
udp           UNCONN          0               0                                                          *:35013                              *:*             users:(("wsdd",pid=5954,fd=14))         
udp           UNCONN          0               0                                                       [::]:51607                           [::]:*                                                     
udp           UNCONN          0               0                                                       [::]:51820                           [::]:*                                                     
udp           UNCONN          0               0                        [fe80::f4ba:821:e113:9264]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=15))         
udp           UNCONN          0               0                                         [ff02::c]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=13))         
udp           UNCONN          0               0                                                       [::]:5353                            [::]:*                                                     
udp           UNCONN          0               0                                                       [::]:5355                            [::]:*                                                     
tcp           LISTEN          0               4096                                           127.0.0.53%lo:53                           0.0.0.0:*                                                     
tcp           LISTEN          0               10                                                   0.0.0.0:27500                        0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                                 0.0.0.0:5355                         0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                              127.0.0.54:53                           0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                               127.0.0.1:631                          0.0.0.0:*                                                     
tcp           LISTEN          0               4096                                                   [::1]:631                             [::]:*                                                     
tcp           LISTEN          0               4096                                                    [::]:5355                            [::]:*    

W/O Wireguard, W/ WStunnel

Netid         State          Recv-Q         Send-Q                                       Local Address:Port                    Peer Address:Port         Process                                      
udp           UNCONN         0              0                                                  0.0.0.0:48774                        0.0.0.0:*             users:(("wsdd",pid=5954,fd=8))              
udp           UNCONN         0              0                                               127.0.0.54:53                           0.0.0.0:*                                                         
udp           UNCONN         0              0                                            127.0.0.53%lo:53                           0.0.0.0:*                                                         
udp           UNCONN         0              0                                                127.0.0.1:51820                        0.0.0.0:*             users:(("wstunnel",pid=10098,fd=9))         
udp           UNCONN         0              0                                           192.168.93.236:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=9))              
udp           UNCONN         0              0                                          239.255.255.250:3702                         0.0.0.0:*             users:(("wsdd",pid=5954,fd=7))              
udp           UNCONN         0              0                                                  0.0.0.0:46068                        0.0.0.0:*                                                         
udp           UNCONN         0              0                                                  0.0.0.0:5353                         0.0.0.0:*                                                         
udp           UNCONN         0              0                                                  0.0.0.0:5355                         0.0.0.0:*                                                         
udp           UNCONN         0              0                                                        *:35013                              *:*             users:(("wsdd",pid=5954,fd=14))             
udp           UNCONN         0              0                                                     [::]:51607                           [::]:*                                                         
udp           UNCONN         0              0                      [fe80::f4ba:821:e113:9264]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=15))             
udp           UNCONN         0              0                                       [ff02::c]%wlp242s0:3702                            [::]:*             users:(("wsdd",pid=5954,fd=13))             
udp           UNCONN         0              0                                                     [::]:5353                            [::]:*                                                         
udp           UNCONN         0              0                                                     [::]:5355                            [::]:*                                                         
tcp           LISTEN         0              4096                                         127.0.0.53%lo:53                           0.0.0.0:*                                                         
tcp           LISTEN         0              10                                                 0.0.0.0:27500                        0.0.0.0:*                                                         
tcp           LISTEN         0              4096                                               0.0.0.0:5355                         0.0.0.0:*                                                         
tcp           LISTEN         0              4096                                            127.0.0.54:53                           0.0.0.0:*                                                         
tcp           LISTEN         0              4096                                             127.0.0.1:631                          0.0.0.0:*                                                         
tcp           LISTEN         0              4096                                                 [::1]:631                             [::]:*                                                         
tcp           LISTEN         0              4096                                                  [::]:5355                            [::]:*               
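
The three listings above differ in one respect: the wildcard socket 0.0.0.0:51820 appears only in the "W/ Wireguard" run, and a wildcard bind on a port blocks a later bind to 127.0.0.1 on the same port. The following is an added example, not part of the thread or of wstunnel, that scans `ss -tunl` output for sockets that would block a requested bind; the sample text is constructed from the listing above and the model ignores SO_REUSEADDR/SO_REUSEPORT.

```python
import ipaddress

# Constructed sample, trimmed from the "W/ Wireguard, W/O WStunnel" listing.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:51820      0.0.0.0:*
udp   UNCONN 0      0      [::]:51820         [::]:*
udp   UNCONN 0      0      *:35013            *:*     users:(("wsdd",pid=5954,fd=14))
tcp   LISTEN 0      4096   127.0.0.1:631      0.0.0.0:*
"""


def parse_local(field):
    """Split an ss 'Local Address:Port' field into (address, port)."""
    addr, _, port = field.rpartition(":")
    # Drop the %interface scope first, then the IPv6 brackets.
    addr = addr.split("%")[0].strip("[]")
    return addr, int(port)


def blockers(ss_text, proto, want_addr, want_port):
    """Return local endpoints that would make bind(want_addr, want_port) fail.

    Simplified model (assumption): same protocol and port conflict when the
    addresses are equal or either side is the wildcard of the same family.
    """
    want = ipaddress.ip_address(want_addr)
    hits = []
    for line in ss_text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != proto:
            continue  # header line or other protocol
        addr, port = parse_local(cols[4])
        if port != want_port:
            continue
        if addr == "*":  # ss prints '*' for a socket bound on both families
            hits.append(cols[4])
            continue
        have = ipaddress.ip_address(addr)
        if have.version != want.version:
            continue
        if have == want or have.is_unspecified or want.is_unspecified:
            hits.append(cols[4])
    return hits


if __name__ == "__main__":
    # The bind wstunnel attempts with -L 'udp://51820:...'
    print(blockers(SAMPLE_SS, "udp", "127.0.0.1", 51820))
```

On a live host, pass the text of `ss -tunl` instead of `SAMPLE_SS` before starting wstunnel.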

@Maddox-Werts
Author

I installed wireguard-tools on Fedora and added the profile to /etc/wireguard/wg0.conf. I will add my config. When starting WStunnel and my wg0 profile at the same time, they do not conflict. However, no data is being sent to the WStunnel client. It sits at 2024-10-10T13:29:59.950683Z INFO wstunnel::protocols::udp::server: Starting UDP server listening cnx on 127.0.0.1:51820 with cnx timeout of 0s

Config

[Interface]
PrivateKey = [REDACTED]
Address = 172.16.10.5/24
DNS = 172.16.1.3
MTU = 1400

[Peer]
PublicKey = [REDACTED]
PresharedKey = [REDACTED]
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 20
Endpoint = localhost:51820

@Maddox-Werts
Author

Update

I was able to get Wireguard to connect to WStunnel by doing the following:

  • changing localhost:51820 to 127.0.0.1:51820.
  • Changing AllowedIPs = 0.0.0.0/0, ::/0 to AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/0

For whatever reason though, WStunnel client won't connect to WStunnel server. I will add my logs and replace my WStunnel's domain with an example one.

2024-10-10T14:07:23.132053Z  INFO wstunnel: Starting wstunnel client v10.1.4
2024-10-10T14:07:23.132075Z  INFO wstunnel::protocols::udp::server: Starting UDP server listening cnx on 127.0.0.1:51820 with cnx timeout of 0s
2024-10-10T14:07:24.821990Z  INFO wstunnel::protocols::udp::server: New UDP connection from 127.0.0.1:45090
2024-10-10T14:07:24.822070Z  INFO wstunnel::protocols::tcp::server: Opening TCP connection to my.vpn.net:8443    
2024-10-10T14:07:25.171163Z  INFO wstunnel::protocols::tls::server: Doing TLS handshake using SNI DnsName("my.vpn.net") with the server my.vpn.net:8443

@erebe
Owner

erebe commented Oct 14, 2024

You need to set a static route to avoid your traffic looping.
Please check https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel-
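
Why the static route matters, as an added example that is not taken from the thread or from the wstunnel README: a longest-prefix-match lookup over a simplified routing table shows wstunnel's own connection to its server being sent into wg0 until a host route pins it to the physical link. The server address 203.0.113.10 and the /24 LAN prefix are constructed assumptions; wg0, wlp242s0 and the AllowedIPs values come from the thread.

```python
import ipaddress


def lookup(routes, dst):
    """Longest-prefix match: device of the most specific route covering dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if net.version != dst.version or dst not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, dev)
    return best[1] if best else None


# Constructed placeholder for the wstunnel server's public address.
SERVER_IP = "203.0.113.10"

# Simplified table after wg0 comes up with
# AllowedIPs = 0.0.0.0/1, 128.0.0.0/1 (values from the thread).
ROUTES = [
    ("0.0.0.0/0", "wlp242s0"),        # original default route via the LAN
    ("0.0.0.0/1", "wg0"),             # first half of the IPv4 space
    ("128.0.0.0/1", "wg0"),           # second half of the IPv4 space
    ("192.168.93.0/24", "wlp242s0"),  # LAN prefix (assumed /24)
]

# Same table plus a host route that keeps the server outside the tunnel.
FIXED = ROUTES + [(SERVER_IP + "/32", "wlp242s0")]


def tunnel_loops(routes, server_ip):
    """True when the TCP/TLS connection to the wstunnel server enters wg0.

    WireGuard then sends that traffic to 127.0.0.1:51820, which is wstunnel
    itself, so the handshake to the server never completes.
    """
    return lookup(routes, server_ip) == "wg0"


if __name__ == "__main__":
    print("without host route, loops:", tunnel_loops(ROUTES, SERVER_IP))
    print("with host route, loops:   ", tunnel_loops(FIXED, SERVER_IP))
    print("other traffic still uses: ", lookup(FIXED, "198.51.100.7"))
```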
