Forum Replies Created
-
Posts
-
Thank you for bringing this matter to our attention. Unfortunately, the process of identifying and resolving issues of this nature can prove to be challenging, particularly when their replication is inconsistent. Regardless, I assure you that I will try allocating time to investigate and address this issue.
There could potentially be an issue related to address conflict. Could you please provide the subnets for both your Local Area Network (LAN) and Wireguard?
I sincerely apologize for not being able to take on this task sooner. Due to a considerable workload in the past few weeks, I was primarily focused on resolving bugs. However, I’m optimistic about finding time this upcoming weekend to address this matter. Thank you for your understanding and patience.
Любопытно, мне было неизвестно, что для Keenetic доступен клиент Shadowsocks. Это, безусловно, представляет собой интересную возможность для пользователей. Я тоже предпочитаю роутеры keenetic для дома, так что не исключено, что подобная схема может и мне как-нибудь пригодиться.
Единственный недостаток, который я вижу в данной схеме, заключается в том, что весь трафик, передаваемый через Wireguard, проходит через Shadowsocks. Это, вероятно, может негативно сказаться на общей производительности и скорости работы, которые обычно ассоциируются с использованием Wireguard.
The key part is below:
WixQuietExec64: Trying to install nt_ndiswgc ... WixQuietExec64: WixQuietExec64: ... C:\Program Files\WireSock VPN Client\drivers\ndiswgc_lwf.inf was copied to C:\WINDOWS\INF\oem142.inf. WixQuietExec64: WixQuietExec64: ... failed. Error code: 0x80070005. WixQuietExec64: WixQuietExec64: Error 0x80070005: Command line returned an error. WixQuietExec64: Error 0x80070005: QuietExec64 Failed WixQuietExec64: Error 0x80070005: Failed in ExecCommon methodIt appears you may not have the necessary permissions to install the driver.
Причем на VPS вижу как входящие пакеты, так и исходящие.
Похоже на то, что блокируют именно handshake response.
Соответственно у меня вопрос: возможно ли как-то настроить keenetic так, что бы он подключался к wireguard через прокси? Или же настроить wireguard сервер так, что бы запросы к нему шли через этот прокси?
Мне кажется, использование Keenetic может вызвать определенные сложности и, вероятно, потребуется модификация реализации Wireguard. К сожалению, ограничиться решением только на стороне VPS также не представляется возможным. В данной ситуации я вижу одну стратегию: вставить промежуточное звено между Keenetic и Интернетом, которое сможет перехватывать и обрабатывать Wireguard handshake. Я полагаю, что на основе Windows-хоста с двумя сетевыми интерфейсами и WinpkFilter можно было бы без больших усилий разработать подобное решение.
Could you please collect the MSI log? Here’s a step-by-step guide to enable logging for an MSI installation:
1. Open a command prompt. This can be done by searching for
cmdin the Windows search bar and selecting “Command Prompt”.2. In the command prompt, navigate to the directory where the MSI file is located using the
cdcommand. For example, if your MSI file is in the Downloads folder, you could typecd Downloads.3. Once you’re in the correct directory, enter the following command to start the installation and simultaneously enable logging:
msiexec /i NameOfYourInstaller.msi /l*v MyLog.txtReplace
NameOfYourInstaller.msiwith the name of your MSI file, andMyLog.txtwith the name you want for your log file.4. Press
Enterto run the command. The installation will proceed and a log of the installation will be created in the same directory under the name you specified.The
/l*voption in the command enables verbose logging. This records all actions that are taken during the installation, making it easier to identify any issues that may arise.Please remember that the generated logs might contain sensitive information, so handle and share them carefully.
If you have any alternative suggestions or unique insights regarding the implementation, we’d greatly appreciate your input. Please feel free to share.
Indeed, this topic is currently a subject of active discussion. To provide some context, here’s an excerpt from one of the most recent emails I’ve received regarding the matter:
In my suggestion/vision, I appreciate the options that Tunsafe provided, such that all traffic is blocked if the VPN goes down, but there is an option to allow local traffic if the VPN goes down.
Also, I appreciate the ‘service mode’ and run-at-boot features that attempt traffic-blocking at startup, also implemented in Tunsafe.KILLSWITCH DESIRED BEHAVIOR >>>
DISCONNECTED:
My hope is that WireSock disallows all network traffic while disconnected, with the option to allow local traffic (DHCP/DNS mainly). Advanced : Fine-tuned options to allow/disallow specific traffic types while disconnected.
WHILE CONNECTING:
My hope is that WireSock only allows the minimal amount of Internet Traffic (dhcp/dns/tcp/udp) while connecting, and mainly through its processes.
CONNECTED:
Once connected, my hope is that WireSock allows all traffic to occur through all processes, but only through the VPNs IP (with options to allow local traffic as described above). Additional process filters can occur with an ALG firewall, such as Simplewall/etc.Advanced Features / Not Suggested:
(1) A feature that some VPN Clients have implemented is to allow certain applications to bypass the VPN. This allows a mixed-mode operation that some people want because of IP-discrimination (their email server blocks all VPN IP addresses, or a website does endless captcha challenges for all VPN IP addresses, etc). This feature would be very difficult to implement and I am not suggesting it, but wanted to include it because it seems related.
(2) There are few more theoretical features that could be implemented, but most seem beyond the scope of “KILLSWITCH”.Hello,
I’m glad you’re finding the Wiresock VPN Client user-friendly and easy to navigate.
To answer your question, the Wiresock VPN Client itself does not have the functionality to expose itself as a local proxy server. However, you can certainly achieve your goal by setting up a local proxy server (either SOCKS or HTTP) on your device.
Once you’ve set up the local proxy server, you can add the process name of this proxy server to the “AllowedApps” list in the Wiresock VPN Client. This way, all the connections initiated through the local proxy will be tunneled via the Wireguard tunnel, while other connections will proceed as usual.
For example, if you want certain websites to automatically use the VPN in Firefox, you can set the proxy for different containers to point to the local proxy server that you have set up and added to the “AllowedApps” list.
This should enable you to use some websites via the VPN while others use a direct connection, as you mentioned in your example.
I hope this helps! If you have any more questions, feel free to ask.
While SOCKS5 is utilized solely for the Wireguard handshake, it may induce a slight delay for it. However, this should not impact the rest of your traffic, which is directed straight to your Wireguard server.
WiresockUI provides a real-time display of the Round-Trip Time (RTT) for a WireGuard tunnel, which operates using the UDP protocol. This feature allows you to monitor network latency effectively, ensuring optimal performance of your WireGuard tunnel.
show Round-trip time 1209 ms
Your considerable latency is causing the slowdown you’re experiencing. To rectify this, consider setting up a VPN server that is geographically closer to you.
At the moment, the functionality to name the virtual network adapter based on the configuration file does not exist. However, I acknowledge the value of this feature and will consider implementing it in the upcoming update.
