I would like to install udp2raw on the router where it will act as a client to obfuscate WireGuard traffic. I have used shadowsocks to obfuscate and unfortunately the obfuscation it offers is not enough and the WireGuard’s UDP traffic gets dropped/blocked, which I believe is because it doesn’t obfuscate headers. I have 21.02-SNAPSHOT openwrt on my router but I can’t find an exact build as I have for cross compilation of udp2raw:
For more info, I am tunneling WireGuard VPN traffic over shadowsocks client on my router to a shadowsocks (and WireGuard) server located outside the country I am in currently. Every 1-2 days the WireGuard VPN is unable to connect and keep restarting as the traffic is dropped/blocked. I am not sure if it is the shadowsocks itself or WireGuard traffic that is detected. The current workaround I have is to just change shadowsocks server port and reconnect. I have tried UDP ports below 1000 as well. From what I understand the ISP does some sort of DPI every couple of days and drops/blocks outgoing traffic on that port. I am afraid I can’t keep doing this as it may raise more flags.
Yes I think so too. When I came to this country initially the WG worked without any proxy for a couple of days until it was blocked and I had to find a solution with shadowsocks. Between my last message and this I found out the traffic gets blocked more quicker in a couple minutes than days as was seen earlier. So changing ports is almost futile now.
That works @hansome and I am able to establish a connection. I have a question about “PreUp”/“PostDown” directives as present in the guide here. If I add them to [Interface] section they do not get saved from the router UI config - it appears those keys are not supported hence the configuration discards them. Is there any way I can add them at the start/close of WG VPN cnxn?