Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WireSock Client CLI Windows service – AllowedApps Not Restricting Traffic to specific app – All Traffic Routed Through VPN #93

Open
abstarstrong opened this issue Dec 13, 2024 · 0 comments
Open

WireSock Client CLI Windows service – AllowedApps Not Restricting Traffic to specific app – All Traffic Routed Through VPN #93

abstarstrong opened this issue Dec 13, 2024 · 0 comments

Comments

@abstarstrong
Copy link

abstarstrong commented Dec 13, 2024
edited
Loading

I don't know where WireSock Client CLI issues are supposed to be written. But I'm facing a peculiar issue when testing this WireSock setup.

  • Windows 11 – Version 10.0.26100 Build 26100 (VM)

  • WireSock Client CLI v1.4.7 x64

  • I have WireSock Client CLI set up as a Windows service

  • In the WireSock/Wiregaurd configuration, I’ve specified Microsoft Edge msedge as an AllowedApps, so only Edge’s traffic should go through the VPN, while all other applications should use the system’s default connection.

WireSock/Wiregaurd .conf file:

[Peer] 
...
AllowedApps = msedge

The WireSock Client CLI is running as a service:

wiresock-client.exe install -start-type 2 -config [config_full_path_name] -log-level info

The Issue:

  • When I run curl from the command line, i can tell that all the systems traffic is routed through the VPN, not through the system’s default connection as I expected.
  • This happens even though Edge should be the only app using the VPN, according to the AllowedApps setting.

Additional Observations:

  • Both logs show that DNS requests outside of Edge (msedge) are routed through the VPN interface.
  • When the WireSock network interface fails to establish a connection with its WireGuard server, all traffic appears to stop. If the handshake cannot complete or the connection is lost, it seems that the filtering stops working due to the network interface being in an error state caused by the lack of connection to the WireGuard server.

Questions:

  1. Why is all traffic being routed through the VPN, even though I’ve specified that only Edge should use it in the AllowedApps section of the config file?
  2. How can I configure WireSock so that only Edge uses the VPN, and everything else uses the default system connection (/network adapter)?
  3. If I use WireSockUI can I have it run as a service on windows even if I don't login?

Logs:
wiresock-vpn-client-f_redacted.log
wiresock-vpn-client-j_redacted.log
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@abstarstrong