UDP Trash Hack for WireGuard on AsusWRT Merlin
- Кладём файл
wgclient-start
в/jffs/scripts/
- Делаем скрипт запускаемым
chmod +x /jffs/scripts/wgclient-start
- Done ✅
Проверен на роутере ASUS RT-AX88U PRO Firmware: AsusWRT Merlin 3004.388.8_2
wgclient-start
в /jffs/scripts/
chmod +x /jffs/scripts/wgclient-start
Проверен на роутере ASUS RT-AX88U PRO Firmware: AsusWRT Merlin 3004.388.8_2
#!/bin/sh | |
sleep 3 | |
# Log the start of the script | |
logger -t WireGuardClientUp "Starting junk-udp-hack script after WireGuard client #$1 connection." | |
# Enable exit on error | |
set -e | |
# Function to generate a random number between 49152 and 65535 | |
generate_random_port() { | |
awk -v min=49152 -v max=65535 'BEGIN { srand(); print int(min + rand() * (max - min + 1)) }' | |
} | |
interface="wgc$1" | |
logger -t WireGuardClientUp "Processing WG interface - $interface" | |
# Retrieve the server and port | |
wg_endpoint=$(wg show "$interface" endpoints) | |
if [ -z "$wg_endpoint" ]; then | |
logger -t WireGuardClientUp "Unable to retrieve endpoint for interface $interface" >&2 | |
fi | |
wg_server=$(echo "$wg_endpoint" | awk '{print $2}' | cut -d':' -f1) | |
wg_port=$(echo "$wg_endpoint" | awk '{print $2}' | cut -d':' -f2) | |
if [ -z "$wg_server" ] || [ -z "$wg_port" ]; then | |
logger -t WireGuardClientUp "Unable to extract server or port for interface $interface" >&2 | |
fi | |
# Generate a random message | |
message=$(dd if=/dev/urandom bs=228 count=5 2>/dev/null | tr -dc 'A-Za-z0-9') | |
# Generate a new random port and ensure it's not in use | |
l_port=$(generate_random_port) | |
while netstat -an | grep -qE '(^|[^0-9])'"$l_port"'([^0-9]|$)'; do | |
logger -t WireGuardClientUp "Port $l_port is already in use. Generating new one" | |
l_port=$(generate_random_port) | |
done | |
logger -t WireGuardClientUp "WG server $wg_server:$wg_port Source port $l_port" | |
# Send the message using socat | |
echo "$message" | socat - UDP-SENDTO:"$wg_server:$wg_port",sourceport="$l_port" | |
# Update the WireGuard interface with the new listen port | |
wg set "$interface" listen-port "$l_port" |