RX Errors from Android Peer

Eddie stunnel at attglobal.net
Thu Apr 26 00:28:40 CEST 2018


Jason,

Not sure I follow you.

The Android app, I thought, was designed to send all traffic out via the 
tunnel.  It's configuration would be, in Linux format:

[Interface]
Address = 192.168.150.10/24
DNS = 192.168.0.254
PrivateKey = Android private key

[Peer]
PublicKey = Linux public key
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = MyServer.net:51820

So all the traffic sent, should be from 192.168.150.10.  The 
corresponding Linux configuration is:

[Interface]
PrivateKey = Linux private key
ListenPort = 51820

[Peer]
PublicKey = Android public key
AllowedIPs = 192.168.150.10/32

[Peer]
PublicKey = Laptop public key
AllowedIPs = 192.168.150.11/32

The RX errors go up immediately I connect and stop increasing when I 
disconnect.  They are NOT random pokes at my server from script-kiddies, 
which i would have thought would have been dropped silently.

So, I don't see how the source IP wouldn't match the allowed-ip.

Cheers.


On 4/25/2018 2:18 PM, Jason A. Donenfeld wrote:
> Hi Eddie,
>
> Those RX frame errors are caused by the interface receiving packets
> that have a source IP not included in the allowed-ips list of the
> peer.
>
> https://git.zx2c4.com/WireGuard/tree/src/receive.c#n351
>
> Jason
>
>



More information about the WireGuard mailing list