Magic util that "bridges" Wireguard with OpenVPN without a TUN/TAP interface

Related tags

Network wg-ovpn
Overview

wg-ovpn

Magic util that "bridges" Wireguard with OpenVPN without a TUN/TAP interface

Warning: really ugly and unstable code!

Building

Obtain latest source of OpenVPN (link), apply patch tunsetiff.patch and place the resulting openvpn binary in this project's folder.

Then, run go build (requires Go 1.17 or later).

Usage

./wg-ovpn <.ovpn file> <wireguard config file>

Please note that this util doesn't support wg-quick's .conf format, rather it uses wireguard-go's internal UAPI config format: basically, you can't put section labels like [Interface], everything else works roughly the same (didn't test though)

Example config:

listen_port=55555
private_key=a8dac1d8a70a751f0f699fb14ba1cff7b79cf4fbd8f09f44c6e6a90d0369604f
public_key=28d2b91462b95913ac4fe68259fbabfe4a150314edf04bf4437eaf553d02804c
allowed_ip=0.0.0.0/0

TL;DR How does it work?

It creates a pair of pseudoterminals that serve as a bidirectional pipe, with one end connected to OpenVPN, and the other one to Wireguard.

It also has a bit of code to replace source/destination IP address to match what OpenVPN expects, so Wireguard clients can use virtually any IP address and still connect to the OpenVPN network.

Limitations

  • only 1 Wireguard client is currently supported
  • I have no idea if it works with other OpenVPN setups than what I have
Issues
  • TCP is broken (again)

    TCP is broken (again)

    null

    opened by ptrcnull 3
  • Terrible network bandwidth

    Terrible network bandwidth

    iperf3 -c <host>
    Connecting to host <host>, port 5201
    [  5] local <client> port 40698 connected to <host> port 5201
    [ ID] Interval           Transfer     Bitrate         Retr  Cwnd
    [  5]   0.00-1.00   sec   129 KBytes  1.06 Mbits/sec   36   2.63 KBytes       
    [  5]   1.00-2.00   sec  42.1 KBytes   344 Kbits/sec   16   2.63 KBytes       
    [  5]   2.00-3.00   sec  81.5 KBytes   668 Kbits/sec   16   2.63 KBytes       
    [  5]   3.00-4.00   sec  82.8 KBytes   679 Kbits/sec   16   2.63 KBytes       
    [  5]   4.00-5.00   sec  40.7 KBytes   334 Kbits/sec   16   1.31 KBytes       
    [  5]   5.00-6.00   sec  84.1 KBytes   689 Kbits/sec   15   2.63 KBytes       
    [  5]   6.00-7.00   sec  81.5 KBytes   668 Kbits/sec   16   2.63 KBytes       
    [  5]   7.00-8.00   sec  40.7 KBytes   334 Kbits/sec   16   2.63 KBytes       
    [  5]   8.00-9.00   sec  84.1 KBytes   689 Kbits/sec   16   2.63 KBytes       
    [  5]   9.00-10.00  sec  42.1 KBytes   344 Kbits/sec   15   2.63 KBytes       
    - - - - - - - - - - - - - - - - - - - - - - - - -
    [ ID] Interval           Transfer     Bitrate         Retr
    [  5]   0.00-10.00  sec   708 KBytes   580 Kbits/sec  178             sender
    [  5]   0.00-10.22  sec   676 KBytes   541 Kbits/sec                  receiver
    
    iperf Done.
    
    opened by ptrcnull 0
Owner
Patrycja
ptrcnull#3709 on Discord; @ptrcnull on most of social media; shitposts: https://git.ddd.rip/ptrcnull no job offers please
Patrycja
Tu: a time util for golang

tu - Time Util package tu is a time util for golang Install go get github.com/ip

Weerasak Chongnguluam 30 Dec 28, 2021
Go-fileprobe - Probe util with file for golang

Golang file probe package Probe util with file for golang Install go get github.

Dollarsign 1 Jan 5, 2022
A fork of the simple WireGuard VPN server GUI community maintained

Subspace - A simple WireGuard VPN server GUI Subspace - A simple WireGuard VPN server GUI Slack Screenshots Features Contributing Setup 1. Get a serve

null 1.5k Jan 22, 2022
A flexible configuration manager for Wireguard networks

Drago A flexible configuration manager for WireGuard networks Drago is a flexible configuration manager for WireGuard networks which is designed to ma

Seashell 825 Jan 14, 2022
Simple Web based configuration generator for WireGuard. Demo:

Wg Gen Web Simple Web based configuration generator for WireGuard. Why another one ? All WireGuard UI implementations are trying to manage the service

vx3r 736 Jan 22, 2022
The easiest, most secure way to use WireGuard and 2FA.

This repository contains all the open source Tailscale client code and the tailscaled daemon and tailscale CLI tool. The tailscaled daemon runs primarily on Linux; it also works to varying degrees on FreeBSD, OpenBSD, Darwin, and Windows.

Tailscale 6.4k Jan 20, 2022
Connect your devices into a single private WireGuard®-based mesh network.

Wiretrustee A WireGuard®-based mesh network that connects your devices into a single private network. Why using Wiretrustee? Connect multiple devices

null 1.8k Jan 14, 2022
An userspace SORACOM Arc client powered by wireguard-go

soratun An easy-to-use, userspace SORACOM Arc client powered by wireguard-go. For deploying and scaling Linux servers/Raspberry Pi devices working wit

Soracom, Inc. 5 Nov 17, 2021
A Wireguard VPN Server Manager and API to add and remove clients

Wireguard Manager And API A manager and API to add, remove clients as well as other features such as an auto reapplier which deletes and adds back a c

null 46 Dec 31, 2021
Layer2 version of wireguard with Floyd Warshall implement in go.

Etherguard 中文版README A Full Mesh Layer2 VPN based on wireguard-go OSPF can find best route based on it's cost. But sometimes the lentancy are differen

日下部 詩 17 Jan 9, 2022
Mount your podman container into WireGuard networks on spawn

wg-pod A tool to quickly join your podman container/pod into a WireGuard network. Explanation wg-pod wires up the tools ip,route,wg and podman. It cre

Maximilian Ehlers 10 Dec 20, 2021
Go Implementation of WireGuard

Go Implementation of WireGuard

WireGuard 1.1k Jan 17, 2022
A HTTP proxy server tunnelling through wireguard

wg-http-proxy This project hacks together the excellent https://github.com/elazarl/goproxy and https://git.zx2c4.com/wireguard-go into an HTTP proxy s

Sebastian Himberger 2 Jan 19, 2022
NAT puncher for Wireguard mesh networking.

natpunch-go This is a NAT hole punching tool designed for creating Wireguard mesh networks. It was inspired by Tailscale and informed by this example.

Malcolm Seyd 57 Jan 17, 2022
generate Wireguard keypairs with a given prefix string

wireguard-vanity-address Generate Wireguard keypairs with a given prefix string. The Wireguard VPN uses Curve25519 keypairs, and displays the Base64-e

yinheli 1 Dec 28, 2021
udppunch hole for wireguard

udppunch udp punch for wireguard, inspired by natpunch-go usage server side ./punch-server-linux-amd64 -port 19993 client side make sure wireguard is

yinheli 86 Jan 13, 2022
A C/S Tool to Download Torrent Remotely and Retrieve Files Back Over HTTP at Full Speed without ISP Torrent Limitation.

remote-torrent Download Torrent Remotely and Retrieve Files Over HTTP at Full Speed without ISP Torrent Limitation. This repository is an extension to

Bruce Wang 57 Oct 7, 2021
rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding.

rconn (r[everse] conn[ection]) is a multiplatform program for creating reverse connections. It lets you consume services that are behind NAT and/or fi

Hikmat Jafarli 165 Jan 1, 2022
kcp is a prototype of a Kubernetes API server that is not a Kubernetes cluster - a place to create, update, and maintain Kube-like APis with controllers above or without clusters.

kcp is a minimal Kubernetes API server How minimal exactly? kcp doesn't know about Pods or Nodes, let alone Deployments, Services, LoadBalancers, etc.

Prototype of Future Kubernetes Ideas 1.1k Jan 17, 2022