53
How do you mask Wireguard traffic? (lemmy.world)
submitted 9 months ago* (last edited 9 months ago) by MigratingtoLemmy@lemmy.world to c/selfhosted@lemmy.world
26 comments fedilink hide all child comments

ChatGPT led me to tunsafe however the project seems to be abandoned?

I'm trying to find ways to convert wireguard traffic into plain HTTPS so as to not trigger some advanced DPI. So far, I have come across udp2raw and updtunnel which convert the traffic to TCP, but AFAIK the SSL used in Wireguard triggers DPIs.

Does anyone have a workaround? Thanks!

Everyone, there seems to be a way go achieve this:

Wireguard (change port to 443) + udp2raw or udptunnel to convert packets to TCP + stunnel (configured on both client and server - used by OpenVPN to encapsulate traffic in TLS).

This is basically what OpenVPN does, and theoretically this should do OK. I haven't tested it however, so if you have, please let us know!

you are viewing a single comment's thread
view the rest of the comments
[-] MigratingtoLemmy@lemmy.world 1 points 9 months ago

Hi, is there a point to doing this? My ISP/any advanced DPI will still know that I'm using Wireguard

[-] saucegp@lemmy.world 3 points 9 months ago

They are talking about how whoever or whatever you are trying to get around can still mess with your wg tunnels even if you are masking them as https

[-] MigratingtoLemmy@lemmy.world 1 points 9 months ago

How can someone else mess with the timeout of my wg tunnel if I mask them as HTTPS traffic?

[-] saucegp@lemmy.world 2 points 9 months ago

They can break the session every 30 seconds, which would be fine for a normal web session but mess with your wg tunnel

[-] MigratingtoLemmy@lemmy.world 1 points 9 months ago

Would breaking a TCP session every 30 seconds be OK for something like video streaming/content browsing?

I wonder if I can automate the breaking and forming of session on clients. Hopefully Android has something that will let me do this, I'm sure I can figure something out on Linux

this post was submitted on 30 Oct 2023
53 points (96.5% liked)

Selfhosted

38688 readers
148 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz