udptunnel is a small program which can tunnel UDP packets bi-directionally over a TCP connection. Its primary purpose (and original motivation) is to allow multi-media conferences to traverse a firewall which allows only outgoing TCP connections.
# udptunnel -s 443 127.0.0.1/51820
# udptunnel -c [SERVER PUBLIC IP]/443 127.0.0.1 50001
- Remember to open TCP port 443 on the server's firewall
- In the WireGuard client config file, replace the server's public IP (endpoint) with
127.0.0.1:50001
Ok, I've figured it out. udptunnel is trying to
bind
on0.0.0.0
and after that it is trying tobind
on::
using the same port. Secondbind
will fail if/proc/sys/net/ipv6/bindv6only
is0
. You can disable this flag using sysctlnet.ipv6.bindv6only = 1
, but don't do it, because you will ruin other applications that may depend onbindv6only = 0
, they may expect that binding on0.0.0.0
implies binding on::
.I am going to provide pull request to udptunnel that will fix it.