Home

Awesome

swgp-go

Go Reference Test Release

🐉 Simple WireGuard proxy with minimal overhead for WireGuard traffic.

Proxy modes

1. Zero overhead

When to use

2. Paranoid

Packets are padded to the maximum packet size allowed by the MTU, then encrypted using XChaCha20-Poly1305.

When to use

Deployment

Arch Linux package

Release and VCS packages are available in the AUR:

Prebuilt binaries

Download from releases.

Container images

There are container images maintained by the community:

Build from source

Build and install the latest version using Go:

go install github.com/database64128/swgp-go/cmd/swgp-go@latest

Or clone the repository and build it manually:

go build -trimpath -ldflags '-s -w' ./cmd/swgp-go

Configuration

All configuration examples and systemd unit files can be found in the docs directory.

swgp-go uses the same PSK format as WireGuard. A PSK can be generated using wg genpsk or openssl rand -base64 32.

Make sure to use the right MTU for both server and client. To encourage correct use, swgp-go disables IP fragmentation and drops packets that are bigger than expected.

1. Server

In this example, swgp-go runs a proxy server instance on port 20220. Decrypted WireGuard packets are forwarded to [::1]:20221.

{
    "servers": [
        {
            "name": "server",
            "proxyListen": ":20220",
            "proxyMode": "zero-overhead",
            "proxyPSK": "sAe5RvzLJ3Q0Ll88QRM1N01dYk83Q4y0rXMP1i4rDmI=",
            "proxyFwmark": 0,
            "wgEndpoint": "[::1]:20221",
            "wgFwmark": 0,
            "mtu": 1500
        }
    ]
}

2. Client

In this example, swgp-go runs a proxy client instance on port 20222. Encrypted proxy packets are sent to the proxy server at [2001:db8:1f74:3c86:aef9:a75:5d2a:425e]:20220.

{
    "clients": [
        {
            "name": "client",
            "wgListen": ":20222",
            "wgFwmark": 0,
            "proxyEndpoint": "[2001:db8:1f74:3c86:aef9:a75:5d2a:425e]:20220",
            "proxyMode": "zero-overhead",
            "proxyPSK": "sAe5RvzLJ3Q0Ll88QRM1N01dYk83Q4y0rXMP1i4rDmI=",
            "proxyFwmark": 0,
            "mtu": 1500
        }
    ]
}

License

AGPL-3.0-or-later