所以不用考虑fq的问题啊 wireshark 都能直接区分出是不是wg的流量
墙肯定也能。。。。。
看代码也没哪个地方暴露什么特征啊
fieldType := header[0:4] fieldReceiver := header[4:8] fieldNonce := header[8:16] binary.LittleEndian.PutUint32(fieldType, MessageTransportType) binary.LittleEndian.PutUint32(fieldReceiver, elem.keypair.remoteIndex) binary.LittleEndian.PutUint64(fieldNonce, elem.nonce) // pad content to multiple of 16 paddingSize := calculatePaddingSize(len(elem.packet), int(atomic.LoadInt32(&device.tun.mtu))) elem.packet = append(elem.packet, paddingZeros[:paddingSize]…) // encrypt content and release to consumer binary.LittleEndian.PutUint64(nonce[4:], elem.nonce) elem.packet = elem.keypair.send.Seal( header, nonce[:], elem.packet, nil, ) elem.Unlock()复制代码
//————
err := peer.SendBuffer(elem.packet)
安徽省网友说:udp就卡斯特罗,刚刚出来时用k2跑过,轻松跑满百兆,诶,强国梦
甘肃省网友说:https://lists.zx2c4.com/pipermail/wireguard/2016-July/000185.html
Generally speaking, WireGuard does not aim to evade DPS, unfortunately. There are several things that prevent this from occurring:
a) The first byte, which is a fixed type value. b) The fact that mac2 is most often all zeros. c) The fixed length of handshake messages. d) The unencrypted ephemeral public key.
江西省网友说:https://wiki.wireshark.org/WireGuard
江西省网友说:看下这篇邮件,里面有提到为什么wireguard容易被识别
https://lists.zx2c4.com/pipermail/wireguard/2018-September/003289.html