Disable tor #69

Open
EgorChadov opened this issue Jan 12, 2025 · 10 comments

@EgorChadov

EgorChadov commented Jan 12, 2025

Hello!

Is it possible to turn off tor entirely?

My current docker-compose is:

networks:
  private_network:
    driver: bridge
    driver_opts:
      com.docker.network.bridge.enable_icc: "true"
    attachable: true
    internal: false
    ipam:
      config:
        - subnet: 10.2.0.0/24


services:
  adguard:
    depends_on: [wiregate]
    container_name: adguard
    image: adguard/adguardhome
    restart: unless-stopped
    hostname: adguard
    # Volumes store your data between container upgrades
    volumes:
      - "./configs/adguard/Data:/opt/adguardhome/work"
      - "./configs/adguard:/opt/adguardhome/conf"
    networks:
      private_network:
        ipv4_address: 10.2.0.100   

  wiregate:
      #image: noxcis/wiregate:vidar
      image: noxcis/wiregate:jiaotu-beta-v0.4
      container_name: wiregate
      hostname: wiregate
      cap_add:
        - NET_ADMIN
      devices:
        - /dev/net/tun:/dev/net/tun  
      restart: unless-stopped
      volumes:
        - "./conf:/etc/wireguard"
        - "./pf_conf:/WireGate/iptable-rules/"
        - "./db:/WireGate/db"
        - "./configs/dnscrypt:/WireGate/dnscrypt"
        #- "./configs/tor:/etc/tor/"
        - "./configs/logs:/WireGate/log/"
        - "./configs/master-key:/WireGate/master-key"

      environment:
        #- WGDCONF_PATH=/etc/wireguard
        - AMNEZIA_WG=true

      #Tor Settings
      ##########################################################
        - WGD_TOR_PROXY=false          #Enable Tor
        - WGD_TOR_EXIT_NODES={}     #Ex. {gb},{fr}
        - WGD_TOR_DNS_EXIT_NODES={}
        - WGD_TOR_BRIDGES=false        #Enable Tor Bridges
        - WGD_TOR_PLUGIN=snowflake    #OPTIONS webtunnel, obfs4, snowflake
      #WGDashboard Global Settings
      ##########################################################
        - WGD_WELCOME_SESSION=false   ##Prompts user account creation after first sign in.
        - WGD_AUTH_REQ=true
        - WGD_USER=admin
        - WGD_PASS=admin
        - WGD_REMOTE_ENDPOINT=#your domain or ip
        - WGD_REMOTE_ENDPOINT_PORT=80
        - WGD_PEER_ENDPOINT_ALLOWED_IP=0.0.0.0/0, ::/0
        - WGD_KEEP_ALIVE=21
        - WGD_MTU=1384
        - WGD_PORT_RANGE_STARTPORT=4430
        - WGD_DNS=10.2.0.100
        - WGD_IPTABLES_DNS=10.2.0.100
      ports:
        - "4430-4433:4430-4433/udp" #UDP Interface Listen Ports For Zones
      sysctls:
        - net.ipv4.ip_forward=1
        - net.ipv4.conf.all.src_valid_mark=1
        - net.ipv6.conf.all.forwarding=1
        - net.ipv6.conf.default.forwarding=1
      networks:
        private_network:
          ipv4_address: 10.2.0.3

As you can see, WGD_TOR_PROXY and WGD_TOR_BRIDGES are turned off. But tor is still running in the system, and the container logs show that tor is getting new bridges. Also, the 'Bridges enabled' button in the web interface is always green no matter what I choose.


@NOXCIS
Owner

NOXCIS commented Jan 12, 2025

Just change the iptables for the configuration you're using. Look in the Static-Deploy/src/iptable-rules/ for the default non-tor script templates.
Tor just exists as an optional exit proxy.

Yeah, it doesn't matter if the bridges are defined in the config if the UseBridges 1 line isn't present. Which is all that toggle does. Adds/removes the use bridges from the config. The plugins aren't used without bridges.

Also, what build are you on? Beta & dev builds are untested.

Use jiaotu-beta-v0.4, if you're gonna use the beta builds.
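
How the UseBridges toggle described above plays out, as an added example (not WireGate's code and not part of the comment): a small torrc audit that reports whether Bridge lines are actually in effect. The sample torrc, its addresses, fingerprints and plugin path are constructed, and the parser assumes single-line options where the last UseBridges value wins.

```python
import re

# Constructed sample torrc: Bridge lines are present, but UseBridges is off.
SAMPLE_TORRC = """\
# constructed example, not WireGate's generated file
SocksPort 9050
UseBridges 0
ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
Bridge obfs4 192.0.2.10:443 0123456789ABCDEF0123456789ABCDEF01234567 cert=PLACEHOLDER iat-mode=0
Bridge snowflake 192.0.2.20:80 89ABCDEF0123456789ABCDEF0123456789ABCDEF
"""

# Matches host:port or [ipv6]:port, i.e. a Bridge line with no transport name.
_ADDR = re.compile(r"^(\[[0-9A-Fa-f:]+\]|[\w.-]+):\d+$")

def audit_bridges(torrc_text):
    """Report whether the Bridge lines in a torrc are actually in effect."""
    use_bridges = False
    bridge_transports = []   # one entry per Bridge line; None = plain bridge
    plugins = set()          # transports that have a ClientTransportPlugin
    for raw in torrc_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments (simplified)
        if not line:
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]  # option names: case-insensitive
        if key == "usebridges" and args:
            use_bridges = args[0] == "1"         # assumption: last one wins
        elif key == "bridge" and args:
            # First token is a transport name unless it is already addr:port.
            bridge_transports.append(None if _ADDR.match(args[0]) else args[0])
        elif key == "clienttransportplugin" and args:
            plugins.update(args[0].split(","))
    needed = {t for t in bridge_transports if t}
    return {
        "use_bridges": use_bridges,
        "bridge_lines": len(bridge_transports),
        "bridges_in_effect": use_bridges and bool(bridge_transports),
        "inert_bridge_lines": 0 if use_bridges else len(bridge_transports),
        "transports_without_plugin": sorted(needed - plugins),
    }

if __name__ == "__main__":
    for name, value in audit_bridges(SAMPLE_TORRC).items():
        print(f"{name}: {value}")
```

To audit a live container, feed the function the text of the torrc that the running tor process actually loaded rather than the compose environment values.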

@EgorChadov
Author

Thanks for your answer.

So, if WGD_TOR_PROXY=false, WGD_TOR_BRIDGES=false and iptables set to non-tor templates then tor is disabled? But it will still exist in the container, right?

Thanks for the wiregate, I really like it!

I also have a question about ipv6. Why might it not work? My VPS has ipv6 and it's configured. Don't we need other iptables rules for ipv6?

@NOXCIS
Owner

NOXCIS commented Jan 14, 2025

Those flags in the compose are for your initial environment setup for the 4 generated configurations. So if you set them to true they will apply the tor iptables to the configs. False will generate configs that use the non tor iptables. However the tor process will still be running regardless.

If you're not using ipv6, there's no need for iptables until you do use ipv6.

Don't thank me, thank this jackass over on WGDashboard. donaldzou/WGDashboard#358 (comment). I took offense and built out Wiregate out of pure spite. That's why I'll help out but refuse to do PRs.

@DaanSelen <--Thank this useless dumbass.

@DaanSelen

> Those flags in the compose are for your initial environment setup for the 4 generated configurations. So if you set them to true they will apply the tor iptables to the configs. False will generate configs that use the non tor iptables. However the tor process will still be running regardless.
>
> If you're not using ipv6, there's no need for iptables until you do use ipv6.
>
> Don't thank me, thank this jackass over on WGDashboard. donaldzou/WGDashboard#358 (comment). I took offense and built out Wiregate out of pure spite. That's why I'll help out but refuse to do PRs.
>
> @DaanSelen <--Thank this useless dumbass.

I'm sorry I had to step in to create a working image instead of the non-functional state you left it in.

@NOXCIS
Owner

NOXCIS commented Jan 15, 2025

@DaanSelen You're full of shit. Remind me of what a support engineer is again? Mate, GitHub is public and so is your ignorance. Point out the commit, do a git blame if your words have any credibility. You do this for the name, I do it for the game, we are not the same, old man.

@DaanSelen

DaanSelen commented Jan 15, 2025

> @DaanSelen You're full of shit. Remind me of what a support engineer is again? Mate, GitHub is public and so is your ignorance. Point out the commit, do a git blame if your words have any credibility. You do this for the name, I do it for the game, we are not the same, old man.

I do not have to prove anything to someone so arrogant and full of himself. Donald himself proposed a rollback once your work was done.

Please get out of your butthurt tantrum and resume your life. Like we said already in WGDashboard communication mediums, your actions like this are not welcome, and those were not my words.

@NOXCIS
Owner

NOXCIS commented Mar 14, 2025

@@Stop being full of shit, you're help desk. How many times have I corrected your stupidity? Do you not understand I can see through you like glass. Do you want me to point it out again and again? Besides dumbass you can't even do support with sense.

Now the proof is in the pudding. Look at you pinning projects as if you were a major factor in development. When you can't even be a half decent support desk.

Look, I try my best to not label people as incompetent but you have proven it, repeatedly.

  • Do you understand Docker? NO
  • Do you understand Python? NO
  • Do you understand networking at an enterprise level? NO
  • Do you understand Vue? NO
  • Do you understand standard practices? NO
  • Do you understand why hard coding environment variables in the Docker image is a dumbass idea? NO
  • Do you understand process flow? NO
  • Do you understand AmneziaWG? lol fuck no, I gave you the answers and you're still fucking stupid.
  • Do you want personal recognition? Yes, are you worthy of it? Fuck no.

I could go on and on old man. I do it for the love of the game. Half my life has been spent with these machines. I respect the beginners and crucify the pretenders and look up to the masters. The masters need no recognition. Short sighted dumbass programming is an art form that must be treated with respect. Wanting not to understand is an avenue paved by ignorance bound to be shaken by the foundations of knowledge. Who the fuck are you to determine if something is working or not, when you have zero understanding of what you're doing and refuse to listen to otherwise.

Here's a list of shit I said I would do and did.

  • full AmneziaWG integration.
  • full Tor integration
  • text editor for iptables (your own idea you couldn't implement yourself)
  • Import / export backups.
  • Upload configurations
  • Static binary Deployments.
  • Fixed broken functions & syntax deprecation.
  • Refactor the whole dashboard to a modular state.
  • etc

All while not knowing a rat's ass about Vue and I still don't know what the fuck I'm doing. I'm a kid that's been here since KitKat and cyanogen rom ports. I don't like you because of how confident you are in your own self contrived ignorance. It defies all logic and turned app deployment into a drunk circus that could be made dirt simple. The AmneziaWG docker compose I sent you and Zou is an example of that. No entrypoint needed? I know, I wrote it. Easter eggs are for you.

I wanted to use WGDash and just maintain a deploy script, but no you had to hard code stupid into main.

@EgorChadov Added Tor Stop/start button in latest beta build. It's also supported if the AmneziaWG kernel module is installed on the docker host. Bare metal builds on the way.

@EgorChadov
Author

@NOXCIS Thanks! Just tested it, works well!

Also, if it is possible, could obfuscation parameters be added to the config somewhere, as an additional option? Maybe in environment variables, for example?

The thing is that sometimes it is important to set some parameters manually. Here is a message from AmneziaWG developers:

who has AWG not working

Jc set from 3 to 5
Jmin=40
Jmax=70
This should be enough, and will not even break conscience with already issued configs. (It turned out that when changing Jc Jmin Jmax all users from the configure control panel disappear, we fix it).

If it still does not connect, you can also do this:
S1 and S2 set from 2 to 10


@DaanSelen

DaanSelen commented Mar 14, 2025

I take my statement back.

@NOXCIS
Owner

NOXCIS commented Mar 16, 2025

@DaanSelen I wasn't even speaking to you... but anyway...
561cc43


There is no such thing as Wiregate or WGDashboard, both are attempts at implementing a user interface for the WireGuard Protocol. There is only the wireguard community. @donaldzou built a strong foundational code base for this purpose known as WGDashboard, from this foundation I became the architect of Wiregate. Which probably would've still been just a docker stack if your ego and ignorance didn't get in the way, so history should thank you.

Bottom line, your commits are weak and your talk, cheap. I said I wanted something and made it happen. Your words matter to the scales equal that of a feather.

LoL, cool you googled me. Riddle me this, I've never had a LinkedIn profile picture and stopped updating it a while back. Where does the trail go...?

Anyway thank God for AI thinning the pretenders, may the Computing Career Hype Train Crash and Burn. Oh one last thing...

I'm 12 years in and not even 24. Bro, I do this for the love of the game. I was porting android ROMs before you even thought of running Hello World.

Oh, I never said it's enterprise software, that's the output from this prompt, "Wiregate vs WGDashboard", against the two code bases. The same AI that's been data scraping the internet for the last two years. Odd, I know, but code is just a recipe at the end of the day.

What it would need is an Upstream Database syncing pipeline, mesh network generator, custom client app to encrypt the raw config and use existing enterprise Auth to decrypt and connect. You could take this a step further for the client app and keep the decrypted config in memory then clearing once disconnected. Boom Massive multi cluster deployment. At the end of the day it's still a powerful system admin tool. Firewalls probably need a better UX, but who cares. Also It's already in production environments so I don't know about the no companies thing.

The issue Number is Perfect for these shenanigans

@EgorChadov Thanks for the feedback, I'll adjust the auto gen and add a patch for the peers disappearing. It seems like a database misalignment is causing it due to peer params not being updated when the config params are updated. You can edit the Raw Config for the interface to change the AWG parameters. It's in the config settings.
