Skip to content

el3xyz/wireguard-linux-compat

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,278 Commits
kernel-tree-scripts
kernel-tree-scripts
 
 
src
src
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 

Repository files navigation

notWG - obfuscated secure tunnel for Linux 3.10 - 5.14, based on WireGuard

There are several ways DPI can detect WireGurad traffic

  • The handshake initiation, response and cookie message have fixed sizes
  • All messages have 4 byte tag where the first byte indicates message type [1-4] and remaining three bytes are zeroes.
  • Handshake packet header contains sender and receiver indexes which are sent unencrypted and can be tracked.

Packet is obfuscated using two techniques

  • Random junk bytes are appended to handshake and cookie packets
  • Packet header is encrypted with blake2s hash of interface public key and random nonce.

Building

$ cd src
$ make DEV=<name>
$ sudo make install

Where is the name of your notWG device. You can choose almost any name (e.g foobar). Do not use 'wireguard' as the name, this will cause conflict with original wireguard driver.

More information may be found at WireGuard.com.

License

This project is released under the GPLv2.

About

Mirror only. Official repository is at https://git.zx2c4.com/wireguard-linux-compat

www.wireguard.com

Resources

Readme

License

GPL-2.0 license
Activity

Stars

155 stars

Watchers

1 watching

Forks

12 forks
Report repository

Releases

26 tags

Packages

No packages published

Languages

  • C 71.7%
  • Perl 18.6%
  • Assembly 4.7%
  • Shell 3.5%
  • Makefile 1.5%