Skip to content

TCPServerTunnel does not let WireGuard peers know of "connection refused" #174

New issue
New issue
Open
Open
TCPServerTunnel does not let WireGuard peers know of "connection refused"#174
@BlankEclair

Description

@BlankEclair
BlankEclair
opened on May 4, 2025

Let's say that wireproxy is started with the following config:

[Interface]
PrivateKey = <redacted>
Address = 10.42.0.4/32

[Peer]
PublicKey = <redacted>
Endpoint = 49.12.9.109:4242
AllowedIPs = 10.42.0.1/24
PersistentKeepalive = 25

[TCPServerTunnel]
ListenPort = 1080
Target = very.bad.invalid:8023

On 42.12.9.109, I try to send some packets over to 10.42.0.4:1080:

> nc -v 10.42.0.4 1080
10.42.0.4 1080 (socks) open
meow

The output here looks like 10.42.0.4 has successfully received the "meow" I sent over. However, it actually failed. wireproxy logs:

ERROR: 2025/05/04 11:35:05 TCP Server Tunnel to <nil>: lookup very.bad.invalid on 127.0.0.1:53: no such host

This is particularly insidious when it comes to, say, curl, where it just looks like it hangs:

> all_proxy=socks5h://10.42.0.4:1080 curl -v https://example.com
* Uses proxy env variable all_proxy == 'socks5h://10.42.0.4:1080'
*   Trying 10.42.0.4:1080...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions