iykex/README.md

## README.md

      
    Raw
  

              README.md
            
          
    To pass wireguard's traffic through a TCP tunnel by using udp2raw
Requirements

For Arch linux, install udp2raw by pacman:
pacman -S udp2raw
For Debian or Ubuntu, you can use a binary release from:
https://github.com/wangyu-/udp2raw/releases
Then, install it under /sbin directory. For example, on a x86_64 system:
wget https://github.com/wangyu-/udp2raw/releases/download/20200818.0/udp2raw_binaries.tar.gz
tar xzvf udp2raw_binaries.tar.gz
sudo mv udp2raw_amd64 /sbin

Instruction:


Replace private and public keys in configuration files
Replace password in udp2raw command in both server's and client's configuration file
Change YOUR-SERVER-IP in client's config file (in udp2raw command) to your server IP address
On both server and client, copy corresponding config file to /etc/wireguard/wg0
Start wireguard on both server and client: sudo systemclt start wg-quick@wg0
Check connectivity by performing a ping command from client: ping 10.8.0.1

Notes:


Please note that based on the configuration provided, by udp2raw command, port 4096 of your server will
be exposed to the world. Of course, you can change it to another port number.
If it doesn't work, remove PreUp and Postdown lines from both configs and run udp2raw commands
in command-line with a --log-level option to see if TCP tunnel can be successfully established.


## client-wg0
# Client configuration

[Interface]
PrivateKey = YOUR-CLIENT-PRIVATE-KEY
Address = 10.8.0.2/32
MTU = 1200
PreUp = udp2raw -c -l 127.0.0.1:51820 -r YOUR-SERVER-IP:4096 -k "your-password" --raw-mode faketcp -a --log-level 0 &
Postdown = pkill -f "udp2raw.*:51820"

[Peer]
PublicKey = 1w2ffwBzjyJMtPGB2QEe9hFHZ7bUyw3+cxhBC+OZfyM=
AllowedIPs = 10.8.0.0/24
Endpoint = 127.0.0.1:51820
PersistentKeepalive = 20

## server-wg0
# Server configuration

[Interface]
Address = 10.8.0.1/24
MTU = 1200
ListenPort = 51820
PrivateKey = YOUR-SERVER-PRIVATE-KEY
PreUp = sudo udp2raw -s -l 0.0.0.0:4096 -r 127.0.0.1:51820 -k "your-password" --raw-mode faketcp -a --log-level 0 &
Postdown = pkill -f "udp2raw.*:51820"

# Add your peers here
[Peer]
PublicKey = 1w2ffwBzjyJMtPGB2QEe9hFHZ7bUyw3+cxhBC+OZfyM=
AllowedIPs = 10.8.0.2/32
	# Client configuration

	[Interface]
	PrivateKey = YOUR-CLIENT-PRIVATE-KEY
	Address = 10.8.0.2/32
	MTU = 1200
	PreUp = udp2raw -c -l 127.0.0.1:51820 -r YOUR-SERVER-IP:4096 -k "your-password" --raw-mode faketcp -a --log-level 0 &
	Postdown = pkill -f "udp2raw.*:51820"

	[Peer]
	PublicKey = 1w2ffwBzjyJMtPGB2QEe9hFHZ7bUyw3+cxhBC+OZfyM=
	AllowedIPs = 10.8.0.0/24
	Endpoint = 127.0.0.1:51820
	PersistentKeepalive = 20
	# Server configuration

	[Interface]
	Address = 10.8.0.1/24
	MTU = 1200
	ListenPort = 51820
	PrivateKey = YOUR-SERVER-PRIVATE-KEY
	PreUp = sudo udp2raw -s -l 0.0.0.0:4096 -r 127.0.0.1:51820 -k "your-password" --raw-mode faketcp -a --log-level 0 &
	Postdown = pkill -f "udp2raw.*:51820"

	# Add your peers here
	[Peer]
	PublicKey = 1w2ffwBzjyJMtPGB2QEe9hFHZ7bUyw3+cxhBC+OZfyM=
	AllowedIPs = 10.8.0.2/32