#Tag · bonfire.cafe

Mullvad rolls out GotaTun, a Rust-based WireGuard implementation after wireguard-go caused most Android crashes.

Crash rate dropped to 0.01% post-deployment. Desktop & iOS planned for 2026.
https://www.technadu.com/gotatun-rollout-marks-major-wireguard-shift-at-mullvad/616309/

Is Rust becoming the safer default for VPN cores?
#WireGuard #Mullvad #Rust #VPN #InfoSec

Mullvad rolls out GotaTun, a Rust-based WireGuard implementation, after wireguard-go caused most Android crashes

:hacker_p: :hacker_f: :hacker_t:

@pft@infosec.exchange · last week

Finally replaced my DynDNS setup that exposed my home server to the Internet with a combination of:

Tiny VPS* with public IP
HAProxy with send-proxy-v2 (proxy protocol)
Wireguard tunnel to home server

So you guys stop tracking my home IP.

Thanks to @cR0w for the original idea.

*The cheapest IPv4 that I've found so far: ionos VPS XS (2$/1€).

#vps #wireguard #homelab

VPS Hosting | Virtual Private Servers | Starting at $2/month

Fast, reliable VPS hosting for running your custom applications » Unlimited traffic up to 1 Gbit/s ✓ Root access ✓ SSD NVMe storage ✓ Free Plesk license ✓

TechNadu

@technadu@infosec.exchange · last week

Mullvad rolls out GotaTun, a Rust-based WireGuard implementation after wireguard-go caused most Android crashes.

Crash rate dropped to 0.01% post-deployment. Desktop & iOS planned for 2026.
https://www.technadu.com/gotatun-rollout-marks-major-wireguard-shift-at-mullvad/616309/

Is Rust becoming the safer default for VPN cores?
#WireGuard #Mullvad #Rust #VPN #InfoSec

ajuvo ✔ and 1 other boosted

knoppix

@knoppix95@mastodon.social · 3 weeks ago

Mullvad is removing OpenVPN in desktop app v2025.14, shifting all users to WireGuard for security, performance, and newer anti-censorship tools. 🔄

Some OpenVPN setups may break, and routers/external apps will lose support by Jan 2026. ⚠️

@mullvadnet

🔗 https://mullvad.net/en/blog/2025/12/10/removing-openvpn-from-the-mullvad-vpn-app

#TechNews #Privacy #Security #VPN #Data #OpenSource #Linux #Networking #Censorship #Security #Internet #Tech #Software #Cybersecurity #Mullvad #OpenVPN #WireGuard

knoppix

@knoppix95@mastodon.social · 3 weeks ago

Mullvad is removing OpenVPN in desktop app v2025.14, shifting all users to WireGuard for security, performance, and newer anti-censorship tools. 🔄

Some OpenVPN setups may break, and routers/external apps will lose support by Jan 2026. ⚠️

@mullvadnet

🔗 https://mullvad.net/en/blog/2025/12/10/removing-openvpn-from-the-mullvad-vpn-app

#TechNews #Privacy #Security #VPN #Data #OpenSource #Linux #Networking #Censorship #Security #Internet #Tech #Software #Cybersecurity #Mullvad #OpenVPN #WireGuard

Zef Hemel

@zef@hachyderm.io · 3 weeks ago

Switched to using #pangolin to expose all my #selfhosted services through the internet (with an auth layer). Very sleek. Easy to set up. Open source. Completely under your control. Just requires a (small) VM (mine is on #hetzner) to deploy. Uses #wireguard behind the scenes. https://pangolin.net/

Neil Brown

@neil@mastodon.neilzone.co.uk · 3 weeks ago

Today's #FreeSoftwareAdvent (better late than never) is "WG Tunnel", an application for Android for bringing up and tearing down WireGuard tunnels.

I use it to keep a WireGuard tunnel running all the time on my phone.

I don't do anything fancy with it, but if one wanted to use different tunnels for different things, or when connected to different networks, or wanted a SOCKS5 proxy for other apps, it is definitely worth a look.

https://wgtunnel.com/

(And available via a custom F-Droid repo.)

#WireGuard #VPN

Joseph Nuthalapati :fbx:

@njoseph@social.masto.host · 4 weeks ago

@opensourceopenmind Yes.

FreedomBox includes integrations for services providing Dynamic DNS and TLS certificates (Let's Encrypt).

FreedomBox includes firewalld. Most web-based services are served by Apache server, acting as a reverse proxy. It also includes fail2ban and django-captcha to prevent brute force attempts at cracking passwords.

Linux G. Fossman

@opensourceopenmind@social.vivaldi.net replied · 4 weeks ago

@njoseph Thanks. Are the certificate issuance and renewals automated?

What about hiding your home connection IP address - is there an easy-to-use integration with Wireguard or some other solution?

Sorry for the questions. I've been trying to decide between #Yunohost, #Freedombox and #HomeServerHQ for a while now. Unfortunately, the #VPS provider I wanted to setup #Wireguard on demanded #KYC self-doxxing so that stopped me in my tracks!

deutrino boosted

selfhosting.couchsurfing

@surfhosting@mastodon.pirateparty.be · last month

WG Tunnel

An WireGuard & AmneziaWG Android client with auto-tunneling, lockdown & proxying.

With auto-tunneling, tunnels automatically turn on, off, or change based on your network.

Available on its own F-droid repo, IzzyOnDroid, and Google Play.

https://github.com/wgtunnel/wgtunnel

#WireGuard #AmneziaWG #Android #selfhosting

Stefano Marinelli boosted

Tom

@pertho@mastodon.bsd.cafe · last month

What's the common wisdom regarding #Ubuntu #Linux and systemd-resolved, dnsmasq, and NetworkManager?

Had a weird thing happen where a #Wireguard tunnel didn't go up but DNS was still trying to connect to the DNS server over the WireGuard tunnel and was failing.

Is there any way to stop the DNS madness? It looks like they're both clobbering each other.

selfhosting.couchsurfing

@surfhosting@mastodon.pirateparty.be · last month

WG Tunnel

An WireGuard & AmneziaWG Android client with auto-tunneling, lockdown & proxying.

With auto-tunneling, tunnels automatically turn on, off, or change based on your network.

Available on its own F-droid repo, IzzyOnDroid, and Google Play.

https://github.com/wgtunnel/wgtunnel

#WireGuard #AmneziaWG #Android #selfhosting

Tom

@pertho@mastodon.bsd.cafe · last month

What's the common wisdom regarding #Ubuntu #Linux and systemd-resolved, dnsmasq, and NetworkManager?

Had a weird thing happen where a #Wireguard tunnel didn't go up but DNS was still trying to connect to the DNS server over the WireGuard tunnel and was failing.

Is there any way to stop the DNS madness? It looks like they're both clobbering each other.

deutrino boosted

selfhosting.couchsurfing

@surfhosting@mastodon.pirateparty.be · 2 months ago

I did some more digging on how to get my Tailscale traffic to bypass a Wireguard VPN which otherwise routes all internet traffic on OpenWrt without using the 'pbr' package, and found a rather strange document:

https://raw.githubusercontent.com/egc112/OpenWRT-egc-add-on/main/notes/OpenWRT%20Policy%20Based%20Routing%20(PBR).pdf

tl;dr it's definitely possible, but I'm going to have to bite the bullet and not use the simple "route all traffic over Wireguard and enable a 'killswitch' to prevent leaks" two-checkbox setup I've been using thus far.

#OpenWrt #Tailscale #Wireguard

selfhosting.couchsurfing

@surfhosting@mastodon.pirateparty.be · 2 months ago

https://raw.githubusercontent.com/egc112/OpenWRT-egc-add-on/main/notes/OpenWRT%20Policy%20Based%20Routing%20(PBR).pdf

#OpenWrt #Tailscale #Wireguard

Chewie

@chewie@mammut.gogreenit.net · 2 months ago

@Luminex my own, using #wireguard

Stefano Marinelli boosted

Tom

@pertho@mastodon.bsd.cafe · 2 months ago

Has anyone run into an issue in #WireGuard in which the Endpoint is a fully qualified domain name (e.g. vpn.example.org:51820) and the tunnel won't work, but it will work if you put in the IP address (which is IPv4)? I wonder if it has to do with having both IPv4 and IPv6 stacks running and active at the same time on the client and it can't, for some reason our another, establish the tunnel correctly?

Tom

@pertho@mastodon.bsd.cafe · 2 months ago

Michael Dexter and 1 other boosted

jbz

@jbz@indieweb.social · 3 months ago

wireguard-fpga: Full-throttle, wire-speed hardware implementation of Wireguard VPN, using low-cost Artix7 FPGA with opensource toolchain

https://github.com/chili-chips-ba/wireguard-fpga

#wireguard #fpga #opensource