With that said, with WireGuard the DNS configuration is directly in the client.conf file, so you can easily configure 10.0.7.1 which is the server address.
@sonic said: It would be great if you included Unbound on this script
Would you want the script to set up a recursor, or to integrate with an already running one? The second is very easy, read my comment just above this.
Cloudflare DNS is good and no logging policy so it's OK to use them. Great option for small VPS!
Unbound DNS is lightweight, I would go with unbound if my VPS had more than 512 MB RAM
I guess what he want is ADBlocker DNS. You c> @sonic said:
With that said, with WireGuard the DNS configuration is directly in the client.conf file, so you can easily configure 10.0.7.1 which is the server address.
@sonic said: It would be great if you included Unbound on this script
Would you want the script to set up a recursor, or to integrate with an already running one? The second is very easy, read my comment just above this.
Cloudflare DNS is good and no logging policy so it's OK to use them. Great option for small VPS!
Unbound DNS is lightweight, I would go with unbound if my VPS had more than 512 MB RAM
One of the main reason I use vpn is that blocking ads through pihole.
With that said, with WireGuard the DNS configuration is directly in the client.conf file, so you can easily configure 10.0.7.1 which is the server address.
@sonic said: It would be great if you included Unbound on this script
Would you want the script to set up a recursor, or to integrate with an already running one? The second is very easy, read my comment just above this.
Cloudflare DNS is good and no logging policy so it's OK to use them. Great option for small VPS!
Unbound DNS is lightweight, I would go with unbound if my VPS had more than 512 MB RAM
I guess what he want is ADBlocker DNS. You c> @sonic said:
With that said, with WireGuard the DNS configuration is directly in the client.conf file, so you can easily configure 10.0.7.1 which is the server address.
@sonic said: It would be great if you included Unbound on this script
Would you want the script to set up a recursor, or to integrate with an already running one? The second is very easy, read my comment just above this.
Cloudflare DNS is good and no logging policy so it's OK to use them. Great option for small VPS!
Unbound DNS is lightweight, I would go with unbound if my VPS had more than 512 MB RAM
One of the main reason I use vpn is that blocking ads through pihole.
My current setup: Wireguard + Unbound + Pihole and Adguard chrome extension (for blocking Youtube ads)
Is there a way to access the clients via their hostname and the .local domain?
Let's say I have both my PC and PI connected and I'd like to access the pi via it's hostname and the .local subdomain.
@iandk said:
Is there a way to access the clients via their hostname and the .local domain?
Let's say I have both my PC and PI connected and I'd like to access the pi via it's hostname and the .local subdomain.
Amitz, a very stable genius (it's true!) and Grand Rectumfier of the official LESLOS® (LES League of Shitposters).
Certified braindead since 1974 and still perfectly happy.
For me, wireguard seems to be much efficient than openvpn. I am using wireguard over 6 months now and main attraction for me is being energy friendly on mobile. It does not keep connection open so less battery drain. But no noticeable difference in ux.
@Iroshan464 said:
For me, wireguard seems to be much efficient than openvpn. I am using wireguard over 6 months now and main attraction for me is being energy friendly on mobile. It does not keep connection open so less battery drain. But no noticeable difference in ux.
@Iroshan464 said:
For me, wireguard seems to be much efficient than openvpn. I am using wireguard over 6 months now and main attraction for me is being energy friendly on mobile. It does not keep connection open so less battery drain. But no noticeable difference in ux.
What a sad situation that I had been so busy with work
@cybertech said: What speeds are you getting on wireguard and how did you speed it up?
To be honest no idea, I am so overworked lately that haven't used a WireGuard client yet in my personal devices.
Others report better speeds than OpenVPN and the protocol is certainly more efficient. If you are getting very low speeds that could be caused by MTU problems, but other than that there isn't much to be done by the end user to improve speeds. Just use a server in a quality network.
What client are you using? I'm on Shadowsocks currently which probably is as efficient as you can get, but I'm planing the switch to WireGuard in the near future.
@flips said: Does the script assume iptables(-legacy) to be present/default? (Wondering if I should try it on a Debian 10 VPS using nftables actively.)
As long as you have the iptables-nft compatibility layer (which is there by default) you're good to go.
in openvpn you can just put pull-filter ignore redirect-gateway
to make the client doesn't route everything and it just a spawn tun0 interface that connected to the private network. so i got more flexibility to explicitly define which traffic will use VPN. if i don't tell it, then it won't get routed by default
@mobile said:
in openvpn you can just put pull-filter ignore redirect-gateway
to make the client doesn't route everything and it just a spawn tun0 interface that connected to the private network. so i got more flexibility to explicitly define which traffic will use VPN. if i don't tell it, then it won't get routed by default
can wireguard do the same?
Wireguard does that all on the client side under AllowedIPs in the config. I haven't looked at Nyr's script yet, but I assume his default would be to push all traffic over it 0.0.0.0/0, ::/0 (v4 & v6). You'd just take those out and specify the routes you want to go over the VPN - 12.24.44.66/24, 195.54.77.88/32 etc
Just made sure you leave the wireguard internal network range in the AllowedIPs section (the /24 & /64 - most likely - that is specified in the config)
@Harambe said:
(...)
Wireguard does that all on the client side under AllowedIPs in the config. I haven't looked at Nyr's script yet, but I assume his default would be to push all traffic over it 0.0.0.0/0, ::/0 (v4 & v6). You'd just take those out and specify the routes you want to go over the VPN - 12.24.44.66/24, 195.54.77.88/32 etc
Just made sure you leave the wireguard internal network range in the AllowedIPs section (the /24 & /64 - most likely - that is specified in the config)
great, will look into this. i also need to alter the script to use filtered quad9 dns too
That repository is based on Angristan+l-n-s, both of them are forks of my original work and the author is either unaware or trying to hide that fact. But whatever it is, my original copyright is not being respected. I will not go into the technical part of the scripts here, already did that over at LET in case you are interested, but his repo is forked from Angristan so to put it short I'd suggest not to waste your time.
Yes, this person stole multiple people's work and didn't credit anyone for a long time. Moreover, they seem to like insulting others in GitHub issues, so I advise to stay away from them. (I had to block them on GitHub).
complexorganizations copied small parts from angristan/openvpn-install (not only angristan/wireguard-install) and bigger parts from the l-n-s/wireguard-install project, both of which are based on my work. No one claimed that your wireguard-install is a fork of my work.
This script will not work on a cheapo OpenVZ VPS. You cannot install the linux Wireguard module on a cheapo OpenVZ VPS.
Instead, what you need to do is to use wireguard-go (this is an userland implementation of Wireguard). And I have got fairly good results from using wireguard-go on a cheapo OpenVZ VPS -- I would say it works better than OpenVPN on a cheapo OpenVZ VPS.
@timsan said:
This script will not work on a cheapo OpenVZ VPS. You cannot install the linux Wireguard module on a cheapo OpenVZ VPS.
Instead, what you need to do is to use wireguard-go (this is an userland implementation of Wireguard). And I have got fairly good results from using wireguard-go on a cheapo OpenVZ VPS -- I would say it works better than OpenVPN on a cheapo OpenVZ VPS.
Already mentioned in the first post, OpenVZ support is coming very soon.
Comments
I guess what he want is ADBlocker DNS. You c> @sonic said:
One of the main reason I use vpn is that blocking ads through pihole.
Action and Reaction in history
My current setup: Wireguard + Unbound + Pihole and Adguard chrome extension (for blocking Youtube ads)
The installer includes an AdGuard option, not the same as Pi-hole but similar results.
OpenVPN installer | WireGuard installer
Is there a way to access the clients via their hostname and the .local domain?
Let's say I have both my PC and PI connected and I'd like to access the pi via it's hostname and the .local subdomain.
https://v6node.com
You'd need to be running a DNS server for that.
OpenVPN installer | WireGuard installer
Finally!
Thank you so much for your work!
Amitz, a very stable genius (it's true!) and Grand Rectumfier of the official LESLOS® (LES League of Shitposters).
Certified braindead since 1974 and still perfectly happy.
Can this and your OpenVPN script be configured side by side?
Of course!
OpenVPN installer | WireGuard installer
What speeds are you getting on wireguard and how did you speed it up?
I bench YABS 24/7/365 unless it's a leap year.
For me, wireguard seems to be much efficient than openvpn. I am using wireguard over 6 months now and main attraction for me is being energy friendly on mobile. It does not keep connection open so less battery drain. But no noticeable difference in ux.
Enjoy meditation without religion for one month.
On Android?
Yep
Enjoy meditation without religion for one month.
And seamless switching between wifi and mobile data.
Enjoy meditation without religion for one month.
What a sad situation that I had been so busy with work
To be honest no idea, I am so overworked lately that haven't used a WireGuard client yet in my personal devices.
Others report better speeds than OpenVPN and the protocol is certainly more efficient. If you are getting very low speeds that could be caused by MTU problems, but other than that there isn't much to be done by the end user to improve speeds. Just use a server in a quality network.
What client are you using? I'm on Shadowsocks currently which probably is as efficient as you can get, but I'm planing the switch to WireGuard in the near future.
OpenVPN installer | WireGuard installer
@Nyr
I'm using the official client. However, using the magisk wireguard module too. Not sure whether it makes a difference.
Enjoy meditation without religion for one month.
Anyone know Wireguard client for Ubuntu Desktop? I'm using command-line version, it works but it isnt as good as Windows desktop verison.
I didn't intend to send that half-prase lol, it sounds so edgy. I'm fine, not sad!
https://github.com/corrad1nho/qomui
I have no idea about how good it is, I don't use Linux on the desktop.
OpenVPN installer | WireGuard installer
Thanks for your script!
It works flawlessly.
Not much usage because the server from US when i'm in Asia
Does the script assume iptables(-legacy) to be present/default? (Wondering if I should try it on a Debian 10 VPS using nftables actively.)
As long as you have the iptables-nft compatibility layer (which is there by default) you're good to go.
OpenVPN installer | WireGuard installer
in openvpn you can just put
pull-filter ignore redirect-gateway
to make the client doesn't route everything and it just a spawn tun0 interface that connected to the private network. so i got more flexibility to explicitly define which traffic will use VPN. if i don't tell it, then it won't get routed by default
can wireguard do the same?
Wireguard does that all on the client side under
AllowedIPs
in the config. I haven't looked at Nyr's script yet, but I assume his default would be to push all traffic over it0.0.0.0/0, ::/0
(v4 & v6). You'd just take those out and specify the routes you want to go over the VPN -12.24.44.66/24, 195.54.77.88/32
etcJust made sure you leave the wireguard internal network range in the AllowedIPs section (the /24 & /64 - most likely - that is specified in the config)
🦍🍌
great, will look into this. i also need to alter the script to use filtered quad9 dns too
@mobile no need to change the script.
Only the client conf file.
Enjoy meditation without religion for one month.
great, will look into this
Exactly as @Harambe said. You just need to alter the
AllowedIPs
directive in the client configuration to whatever you want.I'll probably include that option in the near future but again, you can just replace the DNS IP in the client configuration file
OpenVPN installer | WireGuard installer
I'll wait for the angry-pakistan fork. Probably more secure. jk
Thanks for this @Nyr! Been using your openvpn script since forever.
Yes, this person stole multiple people's work and didn't credit anyone for a long time. Moreover, they seem to like insulting others in GitHub issues, so I advise to stay away from them. (I had to block them on GitHub).
That being said, https://github.com/angristan/wireguard-install is not a fork, it's something I made from scratch starting a year ago.
Cheers,
Stanislas
complexorganizations copied small parts from angristan/openvpn-install (not only angristan/wireguard-install) and bigger parts from the l-n-s/wireguard-install project, both of which are based on my work. No one claimed that your wireguard-install is a fork of my work.
OpenVPN installer | WireGuard installer
This script will not work on a cheapo OpenVZ VPS. You cannot install the linux Wireguard module on a cheapo OpenVZ VPS.
Instead, what you need to do is to use wireguard-go (this is an userland implementation of Wireguard). And I have got fairly good results from using wireguard-go on a cheapo OpenVZ VPS -- I would say it works better than OpenVPN on a cheapo OpenVZ VPS.
Already mentioned in the first post, OpenVZ support is coming very soon.
OpenVPN installer | WireGuard installer