# Instance name [main] # Uncomment to bind source socket to a specific interface # source-if = 0.0.0.0 # Port to listen for the source client (real client or client obfuscator) source-lport = 13255 # Host and port of the target to forward to (server obfuscator or real server) target = 10.13.1.100:13255 # Obfuscation key, must be the same on both sides key = test # Change this to the name of protocol you want to use for masking for DPI evasion. # The default is "AUTO", which will not use masking for server side, # and will automatically detect masking type of the client. # Currently the only supported masking type is "STUN". # Supported values: STUN, AUTO, NONE masking = AUTO # You can specify a static bindings for two-way mode (when the server is also a client) # This is useful when both WireGuard server and client have a public static IP # The format is comma-separated list of ::, # where is the IP of the client, is the UDP port of the client, # and is the local UDP port used by connections to the server, # e.g. UDP port to which the server should send packets. # Spaces are allowed around the commas. # # static-bindings = 1.2.3.4:12883:6670, 5.6.7.8:12083:6679 # Verbosity level (0 - 4) # ERRORS (critical errors only) # WARNINGS (important messages) # INFO (informational messages: status messages, connection established, etc.) # DEBUG (detailed debug messages) # TRACE (very detailed debug messages, including packet dumps) verbose = INFO # Maximum number of clients # This is the maximum number of clients that can be connected to the obfuscator at the same time. # If the limit is reached, new clients will be rejected. # Default is 1024. # # max-clients = 1024 # Maximum idle timeout in milliseconds # This is the maximum time in milliseconds that a client can be idle before it is disconnected. # If the client does not send any packets for this time, it will be disconnected. # Default is 300 seconds (5 minutes). # # idle-timeout = 300 # Maximum dummy length for data packets # This is the maximum length of dummy data in bytes that can be added to data packets. # This is used to obfuscate the traffic and make it harder to detect. # The value must be between 0 and 1024. # If set to 0, no dummy data will be added. # Default is 4. # Note: total packet size with dummy bytes will be limited to 1024 bytes. # # max-dummy = 4 # You can specify multiple instances # [second_server] # source-if = 0.0.0.0 # source-lport = 13255 # target = 10.13.1.100:13255 # key = test # static-bindings = 1.2.3.4:12883:6670, 5.6.7.8:12083:6679 # verbose = 2