RX Errors from Android Peer
Eddie
stunnel at attglobal.net
Thu Apr 26 00:28:40 CEST 2018
Jason,
Not sure I follow you.
The Android app, I thought, was designed to send all traffic out via the
tunnel. It's configuration would be, in Linux format:
[Interface]
Address = 192.168.150.10/24
DNS = 192.168.0.254
PrivateKey = Android private key
[Peer]
PublicKey = Linux public key
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = MyServer.net:51820
So all the traffic sent, should be from 192.168.150.10. The
corresponding Linux configuration is:
[Interface]
PrivateKey = Linux private key
ListenPort = 51820
[Peer]
PublicKey = Android public key
AllowedIPs = 192.168.150.10/32
[Peer]
PublicKey = Laptop public key
AllowedIPs = 192.168.150.11/32
The RX errors go up immediately I connect and stop increasing when I
disconnect. They are NOT random pokes at my server from script-kiddies,
which i would have thought would have been dropped silently.
So, I don't see how the source IP wouldn't match the allowed-ip.
Cheers.
On 4/25/2018 2:18 PM, Jason A. Donenfeld wrote:
> Hi Eddie,
>
> Those RX frame errors are caused by the interface receiving packets
> that have a source IP not included in the allowed-ips list of the
> peer.
>
> https://git.zx2c4.com/WireGuard/tree/src/receive.c#n351
>
> Jason
>
>
More information about the WireGuard
mailing list