nyr / wireguard-install Goto Github PK

View Code? Open in Web Editor NEW

3.6K 90.0 770.0 27 KB

WireGuard road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora

License: MIT License

Shell 100.00%

wireguard vpn ubuntu debian centos fedora shell bash almalinux rockylinux

wireguard-install's People

Contributors

Stargazers

Watchers

Forkers

ossfile ultranijia 0xuezhi zhe77 tvision08 guonning mandymak nonomal imoe tookennysupreme jvmkit imawright iroshan cloudcone rabeharkab erikbozic ardipa khaledalhashem sudevn raviu56 lamlion elitegams lalatenduswain elevul redispade vizion8-dan paradox70 anmolnayyar adamus1red nebulabox top1st huihuishen 0x0000141 root9000 x1aaron marcosrv1804 hashzo omisnomis bloomcake zmeii85 a305tools xmlgrg kgmoohan simhaonline abhiabzs rasouli hiancdtrsnm hmidani-abdelilah jbenguira sitedata idaniellaw tjcomserv wikipikimiki zombie-technology rockdrigo alexwmidas pttlink sephirothchang rapidolhell keynertyc alaxcc hamidreza004 rjroot linailin chmodawk rapidthang6 benkemad kylechou0755 raiscui linny006-tecch o289697 mardetanha sahand12 realovich itwks fengsuidy coresh zipcheung seekhust arryboom joeneldeasis swipswaps mdaveynis shen-xianpeng jmpenalosa pangkunyi light-traveller pindank qnyblog bennywolf cicdata-io henrickcn olegtro alexlii1971 aiemassfiria ravishekharco defoechan davidji99 danchev ymcoming

wireguard-install's Issues

Raspbian Support

Hello,

Can you create for raspbian support?
Because in raspbian not connect.

Thanks.

Feature request: Reprint QR code for existing account.

Hello,

Is it possible to have a feature where I can reprint the QR code for an existing account that have already been created in the server? After all, copy-and-paste to a smartphone from a computer is not really trivial.

Proposed workflow

Run wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh on bash.
Select "Print QR code" option.
Select account whose QR code I want to scan.
QR code appears.
I scan QR code via wireguard client on smartphone.

Thanks.

How to run multiple instances of the WireGuard server?

Basically I want to create different VPN's each with it is own subnet and clients.

Failed to send data packet: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full. #

I have created VPS on EC2 AWS and installed a wireguard with this script. https://github.com/Nyr/wireguard-install
everything fine working but often the internet connection drop. I check the logs from client windows os,
it says
2021-03-13 12:47:14.337: [TUN] [HK] peer(lucky…3G1A) - Failed to send data packet: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full.

And I thought maybe instance hardware was inefficient, then I chance with c5large but still getting the same issues. What is it?
How to solve it?

OS : Ubuntu 20 Fossa
Script is Nyr Wireguard
ipv4 forwarding enabled.

https://imgbb.com/upload

thanks!

Additional Note :
I noticed that during uploading getting this err.

IP

When making a new client you cant specify a port or an ip you can do it manually but it would be cool to have it in the script when you run the script you can specify the port and ip to add a new client

Alternative

hey can u add my script on this as well, it seems like ur installing the gpg keys manually i think my script might be better for some users.

https://github.com/complexorganizations/wireguard-manager

Not really issue there

What's benefit using boringtun?

Question: Updating

Hello Nyr,

This is not a bug just a question: Do I have to uninstall and then reinstall wireguard script to get latest commits and fixes?

Thanks for the best OpenVPN and Wireguard brilliant and superb script in the world <3 <3 <3

Error! Bad return status for module build on kernel: 4.19.0-6-amd64 (x86_64)

This looks like a bug in wireguard code:

Error! Bad return status for module build on kernel: 4.19.0-6-amd64 (x86_64)
Consult /var/lib/dkms/wireguard/1.0.20201112/build/make.log for more information.
dpkg: ошибка при обработке пакета wireguard-dkms (--configure):
 installed wireguard-dkms package post-installation script subprocess returned error exit status 10

In the make.log:

  CC [M]  /var/lib/dkms/wireguard/1.0.20201112/build/socket.o
/var/lib/dkms/wireguard/1.0.20201112/build/socket.c: In function ‘send6’:
/var/lib/dkms/wireguard/1.0.20201112/build/socket.c:139:20: error: ‘const struct ipv6_stub’ has no member named ‘ipv6_dst_lookup_flow’; did you mean ‘ipv6_dst_lookup’?
   dst = ipv6_stub->ipv6_dst_lookup_flow(sock_net(sock), sock, &fl,
                    ^~~~~~~~~~~~~~~~~~~~
                    ipv6_dst_lookup
make[3]: *** [/usr/src/linux-headers-4.19.0-6-common/scripts/Makefile.build:309: /var/lib/dkms/wireguard/1.0.20201112/build/socket.o] Ошибка 1

Script was run on debian 10:

~# cat /etc/debian_version
10.7

Need improvement on readme

Thank you so much for your work
I love it
Will you update the readme.md for stop the service before we shut down our system then the start of command the service wireguard
At the moment i just remove the wireguard before turn of our system then reinstalled again

system requirement

what is system requirement about cpu and ram for 10 clients.
how about 1GB Ram and 2 core cpu on ubuntu 18(or 20)

It connects, But sometimes It doesn't work

I installed wireguard on my hetzner vps, But my ping is pretty bad. I tried by reinstalling and changing vps but i got same issue. is there anyway to debug?

Pinging 168.119.114.211 with 32 bytes of data:
Reply from 168.119.114.211: bytes=32 time=192ms TTL=64
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Request timed out.
Request timed out.
Request timed out.
Reply from 168.119.114.211: bytes=32 time=215ms TTL=64
Request timed out.
Request timed out.
Request timed out.
Reply from 168.119.114.211: bytes=32 time=116ms TTL=64
Request timed out.
Request timed out.
Reply from 168.119.114.211: bytes=32 time=237ms TTL=64
Request timed out.
Reply from 168.119.114.211: bytes=32 time=180ms TTL=64
Request timed out.
Reply from 168.119.114.211: bytes=32 time=116ms TTL=64
Request timed out.
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Reply from 168.119.114.211: bytes=32 time=184ms TTL=64
Reply from 168.119.114.211: bytes=32 time=178ms TTL=64
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Reply from 168.119.114.211: bytes=32 time=118ms TTL=64
Reply from 168.119.114.211: bytes=32 time=184ms TTL=64
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Reply from 168.119.114.211: bytes=32 time=134ms TTL=64
Request timed out.
Reply from 168.119.114.211: bytes=32 time=117ms TTL=64
Reply from 168.119.114.211: bytes=32 time=172ms TTL=64
Request timed out.
Request timed out.

Webbased admin/user Gui?

Hello,

This is not a issue post, but just a feature request.

Is it possible to intergrate an webased admin/user Gui please?

Just like these ones:
https://github.com/perara/wg-manager#Showcase

so that we can manager or add/remove user clients?

Thanks so much.

how to set Multiple Sessions per user?

Client "seems to" connect, but no internet access

After activation, it looks like it's connected.

Yet my log and internet access will tell you otherwise
log.txt

I'm running the server on a Contabo VPS running CentOS7. Not sure if this is useful but yea
I apologize in advance for not attaching possible necessary documents

Feature request / Question: Make the server also a "client" to a(n upstream VPN provider) wireguard server

Hi thanks for this awesome work!

I currently think about how to possibily extend this by having the server on which I am running this script being itself a wireguard client to some upstream wireguard server? So in other words, the server sending all of its traffic only to another wireguard server.

Thanks !

{Feature request} Ability to add custom IP to "Which IPv4 address should be used?"

Hi! Tanks for the great script! I Installed it on a VPS today and noticed I was unable to specify a custom IP based on the fixed floating IP that the VPS was assigned. A floating IP if not assigned to the actual VPS but simply redirected to the machine thus not detected. just thought it might be a nice addition. Thanks!

wg-iptables failed

Hello,

I try install this script on Ubuntu 20.04 with condition have installed docker with many IP local.
When i install this, script ask the IP and i choose IP Public.
Script running as well, except the wg-iptables service is failed.

When i look at the wg-iptables service, that command not include iptables path.
Example content created:
ExecStart= -t nat -A POSTROUTING -s 10.7.0.0/24 ! -d 10.7.0.0/24 -j SNAT --to [IP Public]

Not there iptables.

Any idea?

Thanks.

Can't access Google website via Google Cloud Platform

Install bash with GCP Compute Engine VM (f1 micro server, 1CPU + 600MB RAM)

Opened UDP and TCP firewall
- listener port 51820
- IP range 0.0.0.0/0
Google DNS settings during bash install (8.8.8.8, 8.8.4.4)

Everything good but can't visit Google sevice such as google drive, photo, account, gmail ... etc.

Show Request Timeout

Except google search (www.google.com) is working.

Any idea? thanks

How do I want to listen to multiple ports on the same server at the same time

我想在同一个服务器上同时监听多个端口应该如何操作
我的手机需要使用UDP 53端口
而我的电脑需要使用UDP 3100端口

谢谢您帮忙看看

uninstallation should fix networking the instalation broke (changed)

hi! when i installed the wireguard, my other interfaces were removed so i ended up without internet, when uninstalling this was kept so i lost my server, please set it so it restores old networking configuration.. thanks!

Can't update after running your script

Hi,
I freshly installed Pi-Os on rpi0, did
sudo apt update && upgrade -y
then I downloaded your script and executed it with
sudo bash wireguard-install.sh
VPN runs fine but now when I execute apt update it shows the following.
I don't know if this is a pi special thing or it happens in general.

Hit:1 http://raspbian.raspberrypi.org/raspbian buster InRelease
Get:2 http://deb.debian.org/debian buster-backports InRelease [46.7 kB]
Hit:3 http://archive.raspberrypi.org/debian buster InRelease
Get:4 https://download.docker.com/linux/raspbian buster InRelease [33.6 kB]
Err:2 http://deb.debian.org/debian buster-backports InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 04EE7237B7D453EC NO_PUBKEY 648ACFD622F3D138
Reading package lists... Done
W: GPG error: http://deb.debian.org/debian buster-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 04EE7237B7D453EC NO_PUBKEY 648ACFD622F3D138
E: The repository 'http://deb.debian.org/debian buster-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Can not access to internet

Hello,

I am in China, and I already setup both server end and my PC client.

It show connected on client, but only show send data and no recieving data.

Once it is connected, I can not access any website on my pc.

I already tried all of the dns server for client:

Current system resolvers
2) Google
3) 1.1.1.1
4) OpenDNS
5) Quad9
6) AdGuard

but no lucky to me, any suggestions would be highly appreciated.

Thanks and have a nice day.

Can't install to ubuntu 20.04

~/wireguard# sh wireguard-install.sh
wireguard-install.sh: read: line 9: illegal option -N
This installer seems to be running on an unsupported distribution.
Supported distributions are Ubuntu, Debian, CentOS, and Fedora.

Service unable start on OpenVZ CentOS 7

[root@id-gw1 ~]# uname -a
Linux id-gw1 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64 x86_64 x86_64 GNU/Linux

Complete!
Created symlink from /etc/systemd/system/multi-user.target.wants/wg-iptables.service to /etc/systemd/system/wg-iptables.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/[email protected] to /usr/lib/systemd/system/[email protected].
Job for [email protected] failed because the control process exited with error code. See "systemctl status [email protected]" and "journalctl -xe" for details.

[root@id-gw1 ~]# systemctl status [email protected]
● [email protected] - WireGuard via wg-quick(8) for wg0
   Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/[email protected]
           └─boringtun.conf
   Active: failed (Result: exit-code) since Tue 2020-05-19 20:49:32 EDT; 3min 48s ago
     Docs: man:wg-quick(8)
           man:wg(8)
           https://www.wireguard.com/
           https://www.wireguard.com/quickstart/
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
  Process: 629 ExecStart=/usr/bin/wg-quick up %i (code=exited, status=1/FAILURE)
 Main PID: 629 (code=exited, status=1/FAILURE)

May 19 20:49:32 id-gw1 wg-quick[629]: BoringTun started successfully
May 19 20:49:32 id-gw1 wg-quick[629]: [#] wg setconf wg0 /dev/fd/63
May 19 20:49:32 id-gw1 wg-quick[629]: Unable to modify interface: Protocol not supported
May 19 20:49:32 id-gw1 wg-quick[629]: Unable to access interface: Protocol not supported
May 19 20:49:32 id-gw1 wg-quick[629]: [#] ip link delete dev wg0
May 19 20:49:32 id-gw1 wg-quick[629]: Cannot find device "wg0"
May 19 20:49:32 id-gw1 systemd[1]: [email protected]: main process exited, code=exited, status=1/FAILURE
May 19 20:49:32 id-gw1 systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.
May 19 20:49:32 id-gw1 systemd[1]: Unit [email protected] entered failed state.
May 19 20:49:32 id-gw1 systemd[1]: [email protected] failed.

[root@id-gw1 ~]# cat /var/log/messages 
May 19 20:47:41 id-gw1 systemd: Stopping OpenSSH server daemon...
May 19 20:47:41 id-gw1 systemd: Stopping System Logging Service...
May 19 20:47:41 id-gw1 systemd: Stopped OpenSSH server daemon.
May 19 20:47:41 id-gw1 systemd: Stopped Login Service.
May 19 20:47:41 id-gw1 systemd: Stopped System Logging Service.
May 19 20:47:41 id-gw1 systemd: Stopped D-Bus System Message Bus.
May 19 20:47:41 id-gw1 systemd: Stopped SASL authentication daemon..
May 19 20:47:41 id-gw1 systemd: Stopped Getty on tty2.
May 19 20:47:41 id-gw1 systemd: Stopped Console Getty.
May 19 20:47:41 id-gw1 systemd: Stopped Command Scheduler.
May 19 20:47:41 id-gw1 systemd: Stopped Xinetd A Powerful Replacement For Inetd.
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Failed to propagate agent release message: Transport endpoint is not connected
May 19 20:47:41 id-gw1 systemd: Removed slice system-getty.slice.
May 19 20:47:41 id-gw1 systemd: Stopping system-getty.slice.
May 19 20:47:41 id-gw1 systemd: Stopping Permit User Sessions...
May 19 20:47:41 id-gw1 systemd: Stopped Permit User Sessions.
May 19 20:47:41 id-gw1 systemd: Stopped target Remote File Systems.
May 19 20:47:41 id-gw1 systemd: Stopping Remote File Systems.
May 19 20:47:42 id-gw1 network: Shutting down interface venet0:  [  OK  ]
May 19 20:47:42 id-gw1 network: Shutting down loopback interface:  [  OK  ]
May 19 20:47:42 id-gw1 systemd: Stopped LSB: Bring up/down networking.
May 19 20:47:42 id-gw1 systemd: Stopping IPv4 firewall with iptables...
May 19 20:47:42 id-gw1 iptables.init: iptables: Setting chains to policy ACCEPT: nat filter mangle raw [  OK  ]
May 19 20:47:42 id-gw1 iptables.init: iptables: Flushing firewall rules: [  OK  ]
May 19 20:47:42 id-gw1 iptables.init: iptables: Unloading modules: [  OK  ]
May 19 20:47:42 id-gw1 systemd: Stopped IPv4 firewall with iptables.
May 19 20:47:42 id-gw1 systemd: Stopped target Basic System.
May 19 20:47:42 id-gw1 systemd: Stopping Basic System.
May 19 20:47:42 id-gw1 systemd: Stopped target Slices.
May 19 20:47:42 id-gw1 systemd: Stopping Slices.
May 19 20:47:42 id-gw1 systemd: Removed slice User and Session Slice.
May 19 20:47:42 id-gw1 systemd: Stopping User and Session Slice.
May 19 20:47:42 id-gw1 systemd: Stopped target Paths.
May 19 20:47:42 id-gw1 systemd: Stopping Paths.
May 19 20:47:42 id-gw1 systemd: Stopped Flexible branding.
May 19 20:47:42 id-gw1 systemd: Stopping Flexible branding.
May 19 20:47:42 id-gw1 systemd: Stopped Forward Password Requests to Wall Directory Watch.
May 19 20:47:42 id-gw1 systemd: Stopping Forward Password Requests to Wall Directory Watch.
May 19 20:47:42 id-gw1 systemd: Stopped Dispatch Password Requests to Console Directory Watch.
May 19 20:47:42 id-gw1 systemd: Stopping Dispatch Password Requests to Console Directory Watch.
May 19 20:47:42 id-gw1 systemd: Stopped target Sockets.
May 19 20:47:42 id-gw1 systemd: Stopping Sockets.
May 19 20:47:42 id-gw1 systemd: Closed RPCbind Server Activation Socket.
May 19 20:47:42 id-gw1 systemd: Stopping RPCbind Server Activation Socket.
May 19 20:47:42 id-gw1 systemd: Closed D-Bus System Message Bus Socket.
May 19 20:47:42 id-gw1 systemd: Stopping D-Bus System Message Bus Socket.
May 19 20:47:42 id-gw1 systemd: Stopped target System Initialization.
May 19 20:47:42 id-gw1 systemd: Stopping System Initialization.
May 19 20:47:42 id-gw1 systemd: Stopping Load/Save Random Seed...
May 19 20:47:42 id-gw1 systemd: Stopping Update UTMP about System Boot/Shutdown...
May 19 20:47:42 id-gw1 systemd: Stopped target Encrypted Volumes.
May 19 20:47:42 id-gw1 systemd: Stopping Encrypted Volumes.
May 19 20:47:42 id-gw1 systemd: Stopped Apply Kernel Variables.
May 19 20:47:42 id-gw1 systemd: Stopping Apply Kernel Variables...
May 19 20:47:42 id-gw1 systemd: Stopped target Swap.
May 19 20:47:42 id-gw1 systemd: Stopping Swap.
May 19 20:47:42 id-gw1 systemd: Stopped Update UTMP about System Boot/Shutdown.
May 19 20:47:42 id-gw1 systemd: Stopped Load/Save Random Seed.
May 19 20:47:42 id-gw1 systemd: Stopped Create Volatile Files and Directories.
May 19 20:47:42 id-gw1 systemd: Stopping Create Volatile Files and Directories...
May 19 20:47:42 id-gw1 systemd: Stopped target Local File Systems.
May 19 20:47:42 id-gw1 systemd: Stopping Local File Systems.
May 19 20:47:42 id-gw1 systemd: Stopped target Local File Systems (Pre).
May 19 20:47:42 id-gw1 systemd: Stopping Local File Systems (Pre).
May 19 20:47:42 id-gw1 systemd: Stopped Configure read-only root support.
May 19 20:47:42 id-gw1 systemd: Stopping Configure read-only root support...
May 19 20:47:42 id-gw1 systemd: Stopped Remount Root and Kernel File Systems.
May 19 20:47:42 id-gw1 systemd: Stopping Remount Root and Kernel File Systems...
May 19 20:47:42 id-gw1 systemd: Reached target Shutdown.
May 19 20:47:42 id-gw1 systemd: Starting Shutdown.
May 19 20:47:42 id-gw1 systemd: Reached target Final Step.
May 19 20:47:42 id-gw1 systemd: Starting Final Step.
May 19 20:47:42 id-gw1 systemd: Starting Halt...
May 19 20:47:42 id-gw1 systemd: Shutting down.
May 19 20:47:42 id-gw1 journal: Journal stopped
May 19 20:47:45 id-gw1 journal: Runtime journal is using 4.0M (max allowed 12.8M, trying to leave 19.2M free of 123.9M available → current limit 12.8M).
May 19 20:47:45 id-gw1 journal: Permanent journal is using 16.0M (max allowed 512.0M, trying to leave 768.0M free of 4.3G available → current limit 512.0M).
May 19 20:47:45 id-gw1 journal: Time spent on flushing to /var is 575us for 2 entries.
May 19 20:47:45 id-gw1 journal: Journal started
May 19 20:47:45 id-gw1 systemd-vconsole-setup: Device /dev/tty0 is not a virtual console.
May 19 20:47:45 id-gw1 systemd-udevd: starting version 219
May 19 20:47:45 id-gw1 systemd: Starting Flush Journal to Persistent Storage...
May 19 20:47:45 id-gw1 systemd: Started Flush Journal to Persistent Storage.
May 19 20:47:45 id-gw1 systemd: Starting Create Volatile Files and Directories...
May 19 20:47:45 id-gw1 systemd: Started Create Volatile Files and Directories.
May 19 20:47:45 id-gw1 systemd: Starting Update UTMP about System Boot/Shutdown...
May 19 20:47:45 id-gw1 systemd: Started Update UTMP about System Boot/Shutdown.
May 19 20:47:45 id-gw1 systemd: Reached target System Initialization.
May 19 20:47:45 id-gw1 systemd: Starting System Initialization.
May 19 20:47:45 id-gw1 systemd: Listening on D-Bus System Message Bus Socket.
May 19 20:47:45 id-gw1 systemd: Starting D-Bus System Message Bus Socket.
May 19 20:47:45 id-gw1 systemd: Listening on RPCbind Server Activation Socket.
May 19 20:47:45 id-gw1 systemd: Starting RPCbind Server Activation Socket.
May 19 20:47:45 id-gw1 systemd: Reached target Sockets.
May 19 20:47:45 id-gw1 systemd: Starting Sockets.
May 19 20:47:45 id-gw1 systemd: Started Flexible branding.
May 19 20:47:45 id-gw1 systemd: Starting Flexible branding.
May 19 20:47:45 id-gw1 systemd: Reached target Paths.
May 19 20:47:45 id-gw1 systemd: Starting Paths.
May 19 20:47:45 id-gw1 systemd: Reached target Basic System.
May 19 20:47:45 id-gw1 systemd: Starting Basic System.
May 19 20:47:45 id-gw1 systemd: Starting Dump dmesg to /var/log/dmesg...
May 19 20:47:45 id-gw1 systemd: Started OpenSSH Server Key Generation.
May 19 20:47:45 id-gw1 systemd: Started D-Bus System Message Bus.
May 19 20:47:45 id-gw1 systemd: Starting D-Bus System Message Bus...
May 19 20:47:45 id-gw1 systemd: Starting IPv4 firewall with iptables...
May 19 20:47:45 id-gw1 systemd: Started OpenSSH server daemon.
May 19 20:47:45 id-gw1 systemd: Starting OpenSSH server daemon...
May 19 20:47:45 id-gw1 systemd: Starting Login Service...
May 19 20:47:45 id-gw1 systemd: Starting System Logging Service...
May 19 20:47:45 id-gw1 systemd: Starting SASL authentication daemon....
May 19 20:47:45 id-gw1 systemd: Starting Permit User Sessions...
May 19 20:47:45 id-gw1 systemd: Starting Xinetd A Powerful Replacement For Inetd...
May 19 20:47:45 id-gw1 systemd: Started Daily Cleanup of Temporary Directories.
May 19 20:47:45 id-gw1 systemd: Starting Daily Cleanup of Temporary Directories.
May 19 20:47:45 id-gw1 systemd: Reached target Timers.
May 19 20:47:45 id-gw1 systemd: Starting Timers.
May 19 20:47:45 id-gw1 systemd: Started Dump dmesg to /var/log/dmesg.
May 19 20:47:45 id-gw1 systemd-logind: New seat seat0.
May 19 20:47:45 id-gw1 systemd: Started Permit User Sessions.
May 19 20:47:45 id-gw1 systemd: Started Login Service.
May 19 20:47:45 id-gw1 systemd: Started Command Scheduler.
May 19 20:47:45 id-gw1 systemd: Starting Command Scheduler...
May 19 20:47:45 id-gw1 systemd: Started Getty on tty2.
May 19 20:47:45 id-gw1 systemd: Starting Getty on tty2...
May 19 20:47:45 id-gw1 systemd: Started Console Getty.
May 19 20:47:45 id-gw1 systemd: Starting Console Getty...
May 19 20:47:45 id-gw1 systemd: Reached target Login Prompts.
May 19 20:47:45 id-gw1 systemd: Starting Login Prompts.
May 19 20:47:45 id-gw1 systemd: Started System Logging Service.
May 19 20:47:45 id-gw1 saslauthd[111]: detach_tty      : master pid is: 111
May 19 20:47:45 id-gw1 systemd: Started SASL authentication daemon..
May 19 20:47:45 id-gw1 saslauthd[111]: ipc_init        : listening on socket: /run/saslauthd/mux
May 19 20:47:45 id-gw1 iptables.init: iptables: Applying firewall rules: [  OK  ]
May 19 20:47:45 id-gw1 systemd: Started IPv4 firewall with iptables.
May 19 20:47:45 id-gw1 systemd: Starting LSB: Bring up/down networking...
May 19 20:47:45 id-gw1 systemd: PID file /var/run/xinetd.pid not readable (yet?) after start.
May 19 20:47:45 id-gw1 systemd: Started Xinetd A Powerful Replacement For Inetd.
May 19 20:47:45 id-gw1 xinetd[125]: xinetd Version 2.3.15 started with libwrap loadavg labeled-networking options compiled in.
May 19 20:47:45 id-gw1 xinetd[125]: Started working: 0 available services
May 19 20:47:45 id-gw1 network: Bringing up loopback interface:  [  OK  ]
May 19 20:47:45 id-gw1 network: Bringing up interface venet0:  arping: Device venet0 not available.
May 19 20:47:46 id-gw1 network: [  OK  ]
May 19 20:47:46 id-gw1 systemd: Started LSB: Bring up/down networking.
May 19 20:47:46 id-gw1 systemd: Reached target Network is Online.
May 19 20:47:46 id-gw1 systemd: Starting Network is Online.
May 19 20:47:46 id-gw1 systemd: Reached target Multi-User System.
May 19 20:47:46 id-gw1 systemd: Starting Multi-User System.
May 19 20:47:46 id-gw1 systemd: Starting Tell that Container is started...
May 19 20:47:46 id-gw1 systemd: Started Tell that Container is started.
May 19 20:47:46 id-gw1 systemd: Reached target Graphical Interface.
May 19 20:47:46 id-gw1 systemd: Starting Graphical Interface.
May 19 20:47:46 id-gw1 systemd: Starting Update UTMP about System Runlevel Changes...
May 19 20:47:46 id-gw1 systemd: Started Stop Read-Ahead Data Collection 10s After Completed Startup.
May 19 20:47:46 id-gw1 systemd: Started Update UTMP about System Runlevel Changes.
May 19 20:47:46 id-gw1 systemd: Startup finished in 1.766s.
May 19 20:48:01 id-gw1 systemd: Created slice user-0.slice.
May 19 20:48:01 id-gw1 systemd: Starting user-0.slice.
May 19 20:48:01 id-gw1 systemd-logind: New session 755170 of user root.
May 19 20:48:01 id-gw1 systemd: Started Session 755170 of user root.
May 19 20:48:01 id-gw1 systemd: Starting Session 755170 of user root.
May 19 20:48:53 id-gw1 yum[418]: Installed: epel-release-7-11.noarch
May 19 20:49:05 id-gw1 yum[453]: Updated: p11-kit-0.23.5-3.el7.x86_64
May 19 20:49:05 id-gw1 yum[453]: Updated: p11-kit-trust-0.23.5-3.el7.x86_64
May 19 20:49:09 id-gw1 yum[453]: Updated: ca-certificates-2019.2.32-76.el7_7.noarch
May 19 20:49:10 id-gw1 yum[453]: Updated: 1:openssl-libs-1.0.2k-19.el7.x86_64
May 19 20:49:11 id-gw1 yum[453]: Installed: python3-pip-9.0.3-7.el7_7.noarch
May 19 20:49:12 id-gw1 yum[453]: Installed: python3-setuptools-39.2.0-10.el7.noarch
May 19 20:49:13 id-gw1 yum[453]: Installed: python3-3.6.8-13.el7.x86_64
May 19 20:49:17 id-gw1 yum[453]: Installed: python3-libs-3.6.8-13.el7.x86_64
May 19 20:49:17 id-gw1 systemd: Stopping Command Scheduler...
May 19 20:49:17 id-gw1 systemd: Started Command Scheduler.
May 19 20:49:17 id-gw1 systemd: Starting Command Scheduler...
May 19 20:49:17 id-gw1 yum[453]: Updated: cronie-1.4.11-23.el7.x86_64
May 19 20:49:18 id-gw1 yum[453]: Updated: cronie-noanacron-1.4.11-23.el7.x86_64
May 19 20:49:18 id-gw1 yum[453]: Installed: 2:libpng-1.5.13-7.el7_2.x86_64
May 19 20:49:19 id-gw1 yum[453]: Installed: qrencode-3.4.1-3.el7.x86_64
May 19 20:49:19 id-gw1 yum[453]: Installed: wireguard-tools-1.0.20200319-1.el7.x86_64
May 19 20:49:20 id-gw1 yum[453]: Updated: 1:openssl-1.0.2k-19.el7.x86_64
May 19 20:49:21 id-gw1 yum[453]: Updated: 2:tar-1.26-35.el7.x86_64
May 19 20:49:21 id-gw1 systemd: Reloading.
May 19 20:49:21 id-gw1 systemd: [/usr/lib/systemd/system/vzfifo.service:19] Support for option SysVStartPriority= has been removed and it is ignored
May 19 20:49:21 id-gw1 systemd: Stopping Command Scheduler...
May 19 20:49:21 id-gw1 systemd: Started Command Scheduler.
May 19 20:49:21 id-gw1 systemd: Starting Command Scheduler...
May 19 20:49:32 id-gw1 systemd: Reloading.
May 19 20:49:32 id-gw1 systemd: [/usr/lib/systemd/system/vzfifo.service:19] Support for option SysVStartPriority= has been removed and it is ignored
May 19 20:49:32 id-gw1 systemd: Reloading.
May 19 20:49:32 id-gw1 systemd: [/usr/lib/systemd/system/vzfifo.service:19] Support for option SysVStartPriority= has been removed and it is ignored
May 19 20:49:32 id-gw1 systemd: Starting wg-iptables.service...
May 19 20:49:32 id-gw1 systemd: Started wg-iptables.service.
May 19 20:49:32 id-gw1 systemd: Reloading.
May 19 20:49:32 id-gw1 systemd: [/usr/lib/systemd/system/vzfifo.service:19] Support for option SysVStartPriority= has been removed and it is ignored
May 19 20:49:32 id-gw1 systemd: Reached target Host and Network Name Lookups.
May 19 20:49:32 id-gw1 systemd: Starting Host and Network Name Lookups.
May 19 20:49:32 id-gw1 systemd: Created slice system-wg\x2dquick.slice.
May 19 20:49:32 id-gw1 systemd: Starting system-wg\x2dquick.slice.
May 19 20:49:32 id-gw1 systemd: Starting WireGuard via wg-quick(8) for wg0...
May 19 20:49:32 id-gw1 wg-quick: [#] ip link add wg0 type wireguard
May 19 20:49:32 id-gw1 wg-quick: RTNETLINK answers: Operation not supported
May 19 20:49:32 id-gw1 wg-quick: [!] Missing WireGuard kernel module. Falling back to slow userspace implementation.
May 19 20:49:32 id-gw1 wg-quick: [#] boringtun wg0
May 19 20:49:32 id-gw1 wg-quick: BoringTun started successfully
May 19 20:49:32 id-gw1 wg-quick: [#] wg setconf wg0 /dev/fd/63
May 19 20:49:32 id-gw1 wg-quick: Unable to modify interface: Protocol not supported
May 19 20:49:32 id-gw1 wg-quick: Unable to access interface: Protocol not supported
May 19 20:49:32 id-gw1 wg-quick: [#] ip link delete dev wg0
May 19 20:49:32 id-gw1 wg-quick: Cannot find device "wg0"
May 19 20:49:32 id-gw1 systemd: [email protected]: main process exited, code=exited, status=1/FAILURE
May 19 20:49:32 id-gw1 systemd: Failed to start WireGuard via wg-quick(8) for wg0.
May 19 20:49:32 id-gw1 systemd: Unit [email protected] entered failed state.
May 19 20:49:32 id-gw1 systemd: [email protected] failed.

ipv6 subnet not created

Hi, I see only ipv4 subnet in interface section of server config

is it some detection or something?

have to add ipv6 subnet manually

Not Incrementing Correctly

Just did a fresh install on Ubuntu 20.04.

The first client had the .2 IP address, however when I created a second client it also had .2

Third, and Forth clients got .3 and .4

Seems to be an issue during setup.

No internet access "sometimes" after wireguard installation

Hello, I have setup wireguard with your beautiful script

it's works ! I can connect to my server from LTE but I can't reach internet

I have also check if the ip forwading was activated with echo 1 > /proc/sys/net/ipv4/ip_forward

do you have an issue to solve my problem ?

thank's

brlndtech

(Debian 10.X)

Hello, does this script has "no Log VPN" feature? thank you

An error appears during installation

During the installation, there were errors, please tell me what you need to do to make the installation successful? Thanks!

`WireGuard installation is ready to begin.
Press any key to continue... CentOS-8 - AppStream [=== ] --- CentOS-8 - AppStream 9.4 MB/s | 6.3 MB 00:00
wireguard-install.sh: line 667: 843 Killed dnf install -y epe l-release
wireguard-install.sh: line 667: 849 Killed dnf install -y wir eguard-tools qrencode ca-certificates tar $cron $firewall
wireguard-install.sh: line 366: wg: command not found
success
success
success
success
success
success
success
success
success
success
wireguard-install.sh: line 151: wg: command not found
wireguard-install.sh: line 152: wg: command not found
wireguard-install.sh: line 154: wg: command not found
wireguard-install.sh: line 163: wg: command not found
Failed to enable unit: Unit file [email protected] does not exist.

wireguard-install.sh: line 478: qrencode: command not found
↑ That is a QR code containing the client configuration.

Finished!

The client configuration is available in: /root/ios.conf
New clients can be added by running this script again.`

connected but no internet access

here is my command and result
❯ sudo wg-quick up wg0-clien

[#] ip link add wg0-clien type wireguard
[#] wg setconf wg0-clien /dev/fd/63
[#] ip -4 address add 10.7.0.2/24 dev wg0-clien
[#] ip -6 address add fddd:2c4:2c4:2c4::2/64 dev wg0-clien
[#] ip link set mtu 1420 up dev wg0-clien
[#] resolvconf -a tun.wg0-clien -m 0 -x
[#] wg set wg0-clien fwmark 51820
[#] ip -6 route add ::/0 dev wg0-clien table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0-clien table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n

is there anything that im doing wrong?
i tried on an android and a linux, same resutl so i think something is wrong with server.

Recommended to add MTU

We have tested WireGuard, and its speed is very slow without the MTU directive on client config.
Maybe add it to the auto-generated user config?

MTU = 1400

Could support forward A IP to B IP?

My network like follow

|Windows Wireguard VPN client(IP:10.8.0.2)|--->|A:Wireguard VPN Server(IP:10.8.0.1)|+|C:Wireguard VPN Client(IP:10.7.0.2)|--->|B:Wireguard Server(IP:10.7.0.1)|

I can connect from Windows Wireguard VPN client to A wireguard vpn server and C wireguard client also can connect to B server.I hope windows client through A server and forward to B server then go to internet.But Windows only ping 10.8.0.0 network.I try setup C client allow ips add 10.8.0.0/24.But it's can't up this interface when I add allow ips 10.8.0.0/24.Could teach me how to do it?

debian_version is determined wrong

this is wrong

wireguard-install/wireguard-install.sh

Line 34 in 137b08a

os_version=$(grep -oE '[0-9]+' /etc/debian_version | head -1)

my debian_version file only consists of "bullseye/sid", no numbers, i'm on the unstable branch of debian

Bandwith Settings

Hi, is there any bandwidth option per user?

How to increase 253 IP Limit

Hi,

Can you please amend the script so that it allows more IP?

Hello, can you add Udp2raw-tunnel support or something similar? thank you

Hello, can you add Udp2raw-tunnel support or something similar? thank you
ISP providers in some countries add QoS restriction, if use Udp2raw-tunnel can helps Bypass UDP masking or QoS restrictions

Support for custom ip-range

Hi,

Would it be possible to add support for using custom ip-range for the vpn peers and setup?

Br,
Andreas

wg-iptables.service broke on Ubuntu 20.04.3 LTS

Somehow (I believe, didn't touch anything in a while?) WireGuard stopped working on my server. Can't say when exactly it happened, maybe few weeks ago — I'm not using it too often.

Anyway, onto investigation:

$ systemctl status wg-iptables.service
● wg-iptables.service
     Loaded: loaded (/etc/systemd/system/wg-iptables.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2021-09-07 18:54:16 UTC; 6 days ago
   Main PID: 1104 (code=exited, status=4)

Sep 07 18:54:17 do iptables[1104]: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Sep 07 18:54:16 do systemd[1]: Starting wg-iptables.service...
Sep 07 18:54:16 do systemd[1]: wg-iptables.service: Main process exited, code=exited, status=4/NOPERMISSION
Sep 07 18:54:16 do systemd[1]: wg-iptables.service: Failed with result 'exit-code'.
Sep 07 18:54:16 do systemd[1]: Failed to start wg-iptables.service.

So, wg-iptables service failed. This service file is created by wireguard-install script as a part of installation process. Last time I remember, I had similar problems with openvpn-install: that time it turned out some tool or systemd service changed their name, and thus broke compatibility. But this time it sounds like two processes are ending up in a race condition over iptables database?

I restarted both wg-iptables.service and [email protected], and then tried to connect. Ping by IP works, DNS took few tries to resolve, but generally it back on-line.

Now I wonder, why did that happen, and how can we avoid the need for such manual interventions?

Cannot import .conf file in ubuntu

I try to import in NetworkManager like .ovpn file from script but Ubuntu refuse to import wireguard client .conf file. Is there some special way to make it work?
Regards.

Can this script use with ufw firewall?

I can see the script is config with iptables and firewalld only. Can it be used with the system which has ufw enabled? Thank you.

DNS leak

Hello,

It seem not prevent DNS leak by now, and I followed several tutorial to prevent DNS leak,like this one https://www.ckn.io/blog/2017/11/14/wireguard-vpn-typical-setup/

but always failed.

I just suppose that tutorials doe not work with this wireguard-install script, would you please let me know how to resovle, alternatively, a tutorial would be great appriecated.

Thanks

Query over json instead of parsing text?

The script uses ip(8) and grep(1) extensively. But the ip(8) family of commands supports json output via -j flag, which can be further operated on through jq(1) — command-line JSON processor.

If it would be alright to rely on existence of jq in $PATH (or at least on the ability to install it from repos on all supported systems), I think it would be feasible and more reliable to perform JSON queries rather than grepping plain text with repetitive and error-prone regexes.

For example, this first occurrence of ip|grep is the script:

if [[ $(ip -4 addr | grep inet | grep -vEc '127(\.[0-9]{1,3}){3}') -eq 1 ]]; then
  ip=$(ip -4 addr | grep inet | grep -vE '127(\.[0-9]{1,3}){3}' | cut -d '/' -f 1 | grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}')
else

...could be replaced with this pipeline:

if [[ $(ip -j -4 addr | jq '[ .[].addr_info | .[].local | select(startswith("127.")|not) ] | length') -eq 1 ]]; then
  ip=$(ip -j -4 addr | jq -r '[ .[].addr_info | .[].local | select(startswith("127.")|not) ][0]')
else

And the second line is even shorter, indeed because there's actually less work to do — no need to count matches. They might be lengthier that grep variants on average, but just look at dat self-descriptiveness! I'm not a jq expert though, so there might be some space for improvements.

I'm willing to help and rewrite queries to jq. Let's talk about it.

no client.conf after it is done

It installs and does everything fine but I don't find the conf file in /root/client.conf

No internet after disconnect

Hello, I have script installed on CentOS server. I have problem with laptops with Archlinux [KDE and GNOME] and Ubuntu. When I disconnect from wireguard in GUI (network manager) I don't have internet. I must disconnect from my wifi network and connect again. I import my wireguard to GUI with command: nmcli connection import type wireguard file /etc/wireguard/wireguard.conf.
Any advice how to fix that?
Regards.

[Feature Request] DoH / DoT support

Feature request: add in the script an option to run Dns over Https or Dns over Tls to a trusted upstream provider (cloudflare, google, quad9, etc)

You could install the bind the dns tunnel to a local address such as 127.53.53.53 where it would be unlikely to cause a port conflict and impossible to resolve dns requests outside the DoH/DoT tunnel.

This should fix #39

Building initial module for 4.19.0-16-amd64

The server is always hanging while installing the script on Building initial module for 4.19.0-16-amd64

handshake problem

connection is established but no incoming traffic.
log:

2021-02-10` 16:05:20.720256: [MGR] Starting WireGuard/0.3.5 (Windows 10.0.16299; amd64)
2021-02-10 16:05:20.726264: [MGR] Starting UI process for user ‘Vahid@VAHID-PC’ for session 1
2021-02-10 16:06:51.622928: [TUN] [client] Starting WireGuard/0.3.5 (Windows 10.0.16299; amd64)
2021-02-10 16:06:51.639949: [TUN] [client] Watching network interfaces
2021-02-10 16:06:51.640951: [TUN] [client] Resolving DNS names
2021-02-10 16:06:51.640951: [TUN] [client] Creating Wintun interface
2021-02-10 16:06:51.750076: [TUN] [client] [Wintun] CreateAdapter: Creating adapter
2021-02-10 16:06:52.044028: [TUN] [client] [Wintun] SelectDriver: Extracting driver
2021-02-10 16:06:52.056059: [TUN] [client] [Wintun] SelectDriver: Installing driver
2021-02-10 16:06:52.924709: [TUN] [client] Using Wintun/0.10
2021-02-10 16:06:52.924709: [TUN] [client] Enabling firewall rules
2021-02-10 16:06:52.957749: [TUN] [client] Dropping privileges
2021-02-10 16:06:52.958751: [TUN] [client] Creating interface instance
2021-02-10 16:06:52.958751: [TUN] [client] Setting interface configuration
2021-02-10 16:06:52.958751: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:06:52.958751: [TUN] [client] UAPI: Updating private key
2021-02-10 16:06:52.958751: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:06:52.958751: [TUN] [client] Routine: TUN reader - started
2021-02-10 16:06:52.959753: [TUN] [client] UAPI: Removing all peers
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Created
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating preshared key
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating endpoint
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating persistent keepalive interval
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Removing all allowedips
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:06:52.959753: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:06:52.959753: [TUN] [client] Bringing peers up
2021-02-10 16:06:52.959753: [TUN] [client] Routine: event worker - started
2021-02-10 16:06:52.959753: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:06:52.960753: [TUN] [client] UDP bind has been updated
2021-02-10 16:06:52.960753: [TUN] [client] peer(LW3Y…OqDE) - Starting...
2021-02-10 16:06:52.960753: [TUN] [client] peer(LW3Y…OqDE) - Sending keepalive packet
2021-02-10 16:06:52.960753: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:06:52.960753: [TUN] [client] Monitoring default v6 routes
2021-02-10 16:06:52.960753: [TUN] [client] Binding v6 socket to interface 18 (blackhole=false)
2021-02-10 16:06:52.962756: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential receiver - started
2021-02-10 16:06:52.962756: [TUN] [client] Routine: receive incoming IPv4 - started
2021-02-10 16:06:52.962756: [TUN] [client] Routine: receive incoming IPv6 - started
2021-02-10 16:06:52.962756: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential sender - started
2021-02-10 16:06:52.970766: [TUN] [client] Setting device v6 addresses
2021-02-10 16:06:53.077404: [TUN] [client] Monitoring default v4 routes
2021-02-10 16:06:53.077404: [TUN] [client] Binding v4 socket to interface 13 (blackhole=false)
2021-02-10 16:06:53.077404: [TUN] [client] Setting device v4 addresses
2021-02-10 16:06:53.165513: [TUN] [client] Listening for UAPI requests
2021-02-10 16:06:53.165513: [TUN] [client] Startup complete
2021-02-10 16:06:58.205687: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:03.381118: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:07:03.381118: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:04.264416: [TUN] [client] Binding v6 socket to interface 0 (blackhole=true)
2021-02-10 16:07:08.670598: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:07:08.670598: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:13.848323: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:07:13.848323: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:19.102831: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:07:19.102831: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:24.141391: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:29.147775: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:34.456903: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:07:34.456903: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:07:39.118233: [TUN] [client] Device closing
2021-02-10 16:07:39.118233: [TUN] [client] Routine: TUN reader - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: event worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: receive incoming IPv4 - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: receive incoming IPv6 - stopped
2021-02-10 16:07:39.143265: [TUN] [client] peer(LW3Y…OqDE) - Stopping...
2021-02-10 16:07:39.143265: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential sender - stopped
2021-02-10 16:07:39.143265: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential receiver - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:07:39.143265: [TUN] [client] Interface closed
2021-02-10 16:07:39.143265: [TUN] [client] Shutting down
2021-02-10 16:07:39.145267: [MGR] [client] Tunnel service tracker finished
2021-02-10 16:08:47.901129: [TUN] [client] Starting WireGuard/0.3.5 (Windows 10.0.16299; amd64)
2021-02-10 16:08:47.901129: [TUN] [client] Watching network interfaces
2021-02-10 16:08:47.902632: [TUN] [client] Resolving DNS names
2021-02-10 16:08:47.902632: [TUN] [client] Creating Wintun interface
2021-02-10 16:08:47.992315: [TUN] [client] [Wintun] CreateAdapter: Creating adapter
2021-02-10 16:08:48.196686: [TUN] [client] Using Wintun/0.10
2021-02-10 16:08:48.196686: [TUN] [client] Enabling firewall rules
2021-02-10 16:08:48.234737: [TUN] [client] Dropping privileges
2021-02-10 16:08:48.235739: [TUN] [client] Creating interface instance
2021-02-10 16:08:48.235739: [TUN] [client] Setting interface configuration
2021-02-10 16:08:48.235739: [TUN] [client] UAPI: Updating private key
2021-02-10 16:08:48.235739: [TUN] [client] UAPI: Removing all peers
2021-02-10 16:08:48.235739: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Created
2021-02-10 16:08:48.235739: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating preshared key
2021-02-10 16:08:48.235739: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating endpoint
2021-02-10 16:08:48.235739: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:08:48.235739: [TUN] [client] Routine: TUN reader - started
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating persistent keepalive interval
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Removing all allowedips
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:08:48.235739: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:08:48.235739: [TUN] [client] Bringing peers up
2021-02-10 16:08:48.236740: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:08:48.236740: [TUN] [client] Routine: event worker - started
2021-02-10 16:08:48.237741: [TUN] [client] UDP bind has been updated
2021-02-10 16:08:48.237741: [TUN] [client] peer(LW3Y…OqDE) - Starting...
2021-02-10 16:08:48.237741: [TUN] [client] peer(LW3Y…OqDE) - Sending keepalive packet
2021-02-10 16:08:48.237741: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:08:48.237741: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential receiver - started
2021-02-10 16:08:48.237741: [TUN] [client] Routine: receive incoming IPv4 - started
2021-02-10 16:08:48.238742: [TUN] [client] Routine: receive incoming IPv6 - started
2021-02-10 16:08:48.238742: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential sender - started
2021-02-10 16:08:48.238742: [TUN] [client] Monitoring default v6 routes
2021-02-10 16:08:48.238742: [TUN] [client] Binding v6 socket to interface 18 (blackhole=false)
2021-02-10 16:08:48.239743: [TUN] [client] Setting device v6 addresses
2021-02-10 16:08:48.329731: [TUN] [client] Monitoring default v4 routes
2021-02-10 16:08:48.330232: [TUN] [client] Binding v4 socket to interface 13 (blackhole=false)
2021-02-10 16:08:48.330232: [TUN] [client] Setting device v4 addresses
2021-02-10 16:08:48.414338: [TUN] [client] Listening for UAPI requests
2021-02-10 16:08:48.414338: [TUN] [client] Startup complete
2021-02-10 16:08:53.514088: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:08:53.514088: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:08:58.676514: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:08:58.676514: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:00.410861: [TUN] [client] Binding v6 socket to interface 0 (blackhole=true)
2021-02-10 16:09:03.810121: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:08.994047: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:08.994047: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:14.251694: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:14.251694: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:19.575862: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:19.575862: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:24.385285: [TUN] [client] Device closing
2021-02-10 16:09:24.385285: [TUN] [client] Routine: TUN reader - stopped
2021-02-10 16:09:24.419212: [TUN] [client] Routine: event worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: receive incoming IPv4 - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: receive incoming IPv6 - stopped
2021-02-10 16:09:24.420214: [TUN] [client] peer(LW3Y…OqDE) - Stopping...
2021-02-10 16:09:24.420214: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential sender - stopped
2021-02-10 16:09:24.420214: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential receiver - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: handshake worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: encryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Routine: decryption worker - stopped
2021-02-10 16:09:24.420214: [TUN] [client] Interface closed
2021-02-10 16:09:24.420214: [TUN] [client] Shutting down
2021-02-10 16:09:24.431228: [MGR] [client] Tunnel service tracker finished
2021-02-10 16:09:26.301183: [TUN] [client] Starting WireGuard/0.3.5 (Windows 10.0.16299; amd64)
2021-02-10 16:09:26.301183: [TUN] [client] Watching network interfaces
2021-02-10 16:09:26.302685: [TUN] [client] Resolving DNS names
2021-02-10 16:09:26.302685: [TUN] [client] Creating Wintun interface
2021-02-10 16:09:26.332173: [TUN] [client] [Wintun] CreateAdapter: Creating adapter
2021-02-10 16:09:26.549479: [TUN] [client] Using Wintun/0.10
2021-02-10 16:09:26.549479: [TUN] [client] Enabling firewall rules
2021-02-10 16:09:26.570355: [TUN] [client] Dropping privileges
2021-02-10 16:09:26.571356: [TUN] [client] Creating interface instance
2021-02-10 16:09:26.571356: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Setting interface configuration
2021-02-10 16:09:26.571356: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: encryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: handshake worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: decryption worker - started
2021-02-10 16:09:26.571356: [TUN] [client] Routine: TUN reader - started
2021-02-10 16:09:26.571356: [TUN] [client] UAPI: Updating private key
2021-02-10 16:09:26.571356: [TUN] [client] Routine: event worker - started
2021-02-10 16:09:26.571356: [TUN] [client] UAPI: Removing all peers
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Created
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating preshared key
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating endpoint
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Updating persistent keepalive interval
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Removing all allowedips
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:09:26.571356: [TUN] [client] peer(LW3Y…OqDE) - UAPI: Adding allowedip
2021-02-10 16:09:26.571356: [TUN] [client] Bringing peers up
2021-02-10 16:09:26.572358: [TUN] [client] UDP bind has been updated
2021-02-10 16:09:26.572358: [TUN] [client] peer(LW3Y…OqDE) - Starting...
2021-02-10 16:09:26.572358: [TUN] [client] peer(LW3Y…OqDE) - Sending keepalive packet
2021-02-10 16:09:26.572358: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:26.572358: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential receiver - started
2021-02-10 16:09:26.572358: [TUN] [client] Routine: receive incoming IPv4 - started
2021-02-10 16:09:26.572358: [TUN] [client] Routine: receive incoming IPv6 - started
2021-02-10 16:09:26.573360: [TUN] [client] peer(LW3Y…OqDE) - Routine: sequential sender - started
2021-02-10 16:09:26.573360: [TUN] [client] Monitoring default v6 routes
2021-02-10 16:09:26.573360: [TUN] [client] Binding v6 socket to interface 18 (blackhole=false)
2021-02-10 16:09:26.573360: [TUN] [client] Setting device v6 addresses
2021-02-10 16:09:26.652270: [TUN] [client] Monitoring default v4 routes
2021-02-10 16:09:26.652270: [TUN] [client] Binding v4 socket to interface 13 (blackhole=false)
2021-02-10 16:09:26.652270: [TUN] [client] Setting device v4 addresses
2021-02-10 16:09:26.746094: [TUN] [client] Listening for UAPI requests
2021-02-10 16:09:26.746094: [TUN] [client] Startup complete
2021-02-10 16:09:26.943932: [TUN] [client] Binding v6 socket to interface 0 (blackhole=true)
2021-02-10 16:09:31.792368: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:36.963531: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:36.963531: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:41.988059: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:47.173757: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:47.173757: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:52.425181: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:52.425181: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:09:57.749390: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:09:57.749390: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:02.830126: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:10:02.830126: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:08.139552: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 3)
2021-02-10 16:10:08.139552: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:13.280833: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:10:13.280833: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:18.438730: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:10:18.438730: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:23.461669: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:28.734500: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:10:28.734500: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation
2021-02-10 16:10:33.811246: [TUN] [client] peer(LW3Y…OqDE) - Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-10 16:10:33.811246: [TUN] [client] peer(LW3Y…OqDE) - Sending handshake initiation

what is the problem???

Docker?

Hello, thanks for the great script. I was wondering -- would it be possible to have a docker container wrapper so that one could pull down a container in their server, start it up and get everything set up (perhaps some additional configs to route traffic from server to the container).

Thanks!

QR Code not able to scan with UTF8

Changed UTF8 to ASCII that I could scan the QR code in my MacOS Terminal. With the UTF8 there was to much space between the lines and no scanner could identify the data. Maybe you insert both options to generate - with a 1/2 selection or just both in sequence.

qrencode -t UTF8 < ~/"$client.conf"
qrencode -t ASCII < ~/"$client.conf"

nyr / wireguard-install Goto Github PK

wireguard-install's People

Contributors

Stargazers

Watchers

Forkers

wireguard-install's Issues

Recommend Projects

Recommend Topics

Recommend Org

Jobs