UDP Trash Hack for WireGuard on AsusWRT Merlin
- Кладём файл
wgclient-startв/jffs/scripts/ - Делаем скрипт запускаемым
chmod +x /jffs/scripts/wgclient-start- Done ✅
Проверен на роутере ASUS RT-AX88U PRO Firmware: AsusWRT Merlin 3004.388.8_2
-
-
Save AAS/b6ca1f458f9a3e0a8070aca82becf28b to your computer and use it in GitHub Desktop.
UDP Trash Hack for WireGuard on AsusWRT Merlin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| sleep 3 | |
| # Log the start of the script | |
| logger -t WireGuardClientUp "Starting junk-udp-hack script after WireGuard client #$1 connection." | |
| # Enable exit on error | |
| set -e | |
| # Function to generate a random number between 49152 and 65535 | |
| generate_random_port() { | |
| awk -v min=49152 -v max=65535 'BEGIN { srand(); print int(min + rand() * (max - min + 1)) }' | |
| } | |
| interface="wgc$1" | |
| logger -t WireGuardClientUp "Processing WG interface - $interface" | |
| # Retrieve the server and port | |
| wg_endpoint=$(wg show "$interface" endpoints) | |
| if [ -z "$wg_endpoint" ]; then | |
| logger -t WireGuardClientUp "Unable to retrieve endpoint for interface $interface" >&2 | |
| fi | |
| wg_server=$(echo "$wg_endpoint" | awk '{print $2}' | cut -d':' -f1) | |
| wg_port=$(echo "$wg_endpoint" | awk '{print $2}' | cut -d':' -f2) | |
| if [ -z "$wg_server" ] || [ -z "$wg_port" ]; then | |
| logger -t WireGuardClientUp "Unable to extract server or port for interface $interface" >&2 | |
| fi | |
| # Generate a random message | |
| message=$(dd if=/dev/urandom bs=228 count=5 2>/dev/null | tr -dc 'A-Za-z0-9') | |
| # Generate a new random port and ensure it's not in use | |
| l_port=$(generate_random_port) | |
| while netstat -an | grep -qE '(^|[^0-9])'"$l_port"'([^0-9]|$)'; do | |
| logger -t WireGuardClientUp "Port $l_port is already in use. Generating new one" | |
| l_port=$(generate_random_port) | |
| done | |
| logger -t WireGuardClientUp "WG server $wg_server:$wg_port Source port $l_port" | |
| # Send the message using socat | |
| echo "$message" | socat - UDP-SENDTO:"$wg_server:$wg_port",sourceport="$l_port" | |
| # Update the WireGuard interface with the new listen port | |
| wg set "$interface" listen-port "$l_port" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment