Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Draft: feat: replace golang.zx2c4.com/wireguard with github.com/amnezia-vpn/amneziawg-go #102

Closed
wants to merge 1 commit into from
Closed

Draft: feat: replace golang.zx2c4.com/wireguard with github.com/amnezia-vpn/amneziawg-go #102

wants to merge 1 commit into from

Conversation

juev
Copy link
Contributor

@juev juev commented Feb 19, 2024

This is essentially a draft of software changes #101

Add support wireguard with obfuscation

Currently, the library being used has been changed. Changes were tested without changing the configuration file format.

In the future, we plan to add additional obfuscation parameters to the configuration. I may have time to do this in the near future.

@juev
feat: replace golang.zx2c4.com/wireguard with github.com/amnezia-vpn/…
f750e3d 
…amneziawg-go

Add support wireguard with obfuscation

Closed #101
@pufferffish
Copy link
Owner

Hello, I tried finding documentation on amneziawg-go but I couldn't find any. My questions are:

  1. Is it compatible with the original wireguard protocol?
  2. What methodologies is it using to offer protection against DPI?
  3. Is the team behind it trustworthy enough to ensure no malicious code makes it to wireproxy via vendor attack? To phrase it more bluntly, why should I trust this somewhat not well known fork, instead of wireguard itself?

Personally I would rather stick with wireguard for wireproxy than replacing it with amneziawg. I'm happy to see wireproxy being forked to support another protocol of course, but I don't think I would merge it into main.

@juev
Copy link
Contributor Author

juev commented Feb 19, 2024

Hello,

  1. Yes, the library is a fork of the original wireguard and adds only the ability to obfuscate. The standard configuration works the same as in the original client.
  2. Unfortunately, the protocol description was removed from the documentation https://amnezia.org/en/instructions/31_amneziawg, but the formal description is available on the page https://www.reddit.com/r/AmneziaVPN/comments/17g37ck/new_amneziawg_protocol_modified_wireguard/, I can contact the developers to get more information.
  3. This is a good question. To be honest, I don't have any proof of the developers ' trustworthiness. But judging by their online activity and the number of users who use their product, they can still be trusted. In addition, the library code is publicly available. And judging from what I've seen in the changes compared to the original wireguard, only what was claimed has been added.

As for preferences, I totally agree with you! But in this issue, I would still implement support for the new protocol, simply because we do not lose the old functionality, and in addition we get the ability to connect to servers using traffic masking. For a number of people, this will be very useful.

@juev
Copy link
Contributor Author

juev commented Feb 19, 2024
edited
Loading

I went to the developers https://t.me/amnezia_vpn_dev

I immediately came across the description page of the protocol used:
https://amnezia.org/en/learn-more/31_amneziawg

@juev
Copy link
Contributor Author

juev commented Feb 19, 2024

Sample config file:

[Interface]
PrivateKey = 
Address = 10.8.1.0/24
ListenPort = 37524
Jc = 8
Jmin = 50
Jmax = 1000
S1 = 57
S2 = 138
H1 = 32465355
H2 = 1457248667
H3 = 1456672562
H4 = 111345265
[Peer]
PublicKey = 
PresharedKey = 
AllowedIPs = 10.8.1.2/32

New options here:

Jc = 8
Jmin = 50
Jmax = 1000
S1 = 57
S2 = 138
H1 = 32465355
H2 = 1457248667
H3 = 1456672562
H4 = 111345265

@pufferffish
Copy link
Owner

Hello,

1. Yes, the library is a fork of the original wireguard and adds only the ability to obfuscate. The standard configuration works the same as in the original client.

2. Unfortunately, the protocol description was removed from the documentation https://amnezia.org/en/instructions/31_amneziawg, but the formal description is available on the page https://www.reddit.com/r/AmneziaVPN/comments/17g37ck/new_amneziawg_protocol_modified_wireguard/, I can contact the developers to get more information.

3. This is a good question. To be honest, I don't have any proof of the developers ' trustworthiness. But judging by their online activity and the number of users who use their product, they can still be trusted. In addition, the library code is publicly available. And judging from what I've seen in the changes compared to the original wireguard, only what was claimed has been added.

As for preferences, I totally agree with you! But in this issue, I would still implement support for the new protocol, simply because we do not lose the old functionality, and in addition we get the ability to connect to servers using traffic masking. For a number of people, this will be very useful.

I am happy to put a short mention on README to tell people about your fork. Personally while I agree the developers can be trusted, but on grounds of it being a relatively new project and not as established as vanilla wireguard itself, I don't think I am comfortable with merging this into main yet.

@juev
Copy link
Contributor Author

juev commented Feb 20, 2024

Copy that, thank you very much!
I will try to implement the changes in my fork.

@juev juev closed this Feb 20, 2024
@pufferffish pufferffish mentioned this pull request Apr 3, 2024
Closed
gokaybiz
gokaybiz reviewed Aug 5, 2024
View reviewed changes
Copy link

@gokaybiz gokaybiz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@artem-russkikh
Copy link
Contributor

@pufferffish @juev I've forked repository and add support for AmneziaWG: https://github.com/artem-russkikh/wireproxy-awg

Current link in README seems to be broken, so I propose to change it here

@artem-russkikh artem-russkikh mentioned this pull request Sep 12, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gokaybiz gokaybiz gokaybiz left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@juev @pufferffish @artem-russkikh @gokaybiz