WireSock VPN Client Advanced Configuration Parameters

Tailor Your Tunnel: Customizing VPN Traffic with Precision

Enhance your network routing with the WireSock VPN Client by leveraging additional parameters that allow you to specify which applications and IP addresses are permitted or excluded from using the WireGuard tunnel. These settings provide granular control over your VPN traffic.

Allowed Apps

Define the applications that are authorized to use the VPN tunnel.

  • Usage: Optional. If not set, the VPN tunnel is available to all applications.
  • Configuration: Specify your applications by listing them, separated by commas. It’s not necessary to include the ‘.exe’ extension for process names. If your entry includes slashes or backslashes, the system will recognize it as a full pathname. Providing a full pathname allows you to target a specific folder, automatically including all executables within that directory for convenience.
  • Examples:
    • Full path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    • Process names: chrome, msoffice, firefox
    • All applications in Program Files folder: C:\Program Files
  • Dependency: Must be paired with AllowedIPs to define the scope of traffic for these applications.

Disallowed Apps

List the applications that are barred from using the VPN tunnel.

  • Usage: Optional. If both AllowedApps and DisallowedApps are specified, AllowedApps is prioritized and evaluated first.
  • Configuration: Specify your applications by listing them, separated by commas. It’s not necessary to include the ‘.exe’ extension for process names. If your entry includes slashes or backslashes, the system will recognize it as a full pathname. Providing a full pathname allows you to target a specific folder, automatically excluding all executables within that directory for convenience.
  • Examples:
    • Full path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    • Process names: chrome, msoffice, firefox
    • All applications in Program Files folder: C:\Program Files

Disallowed IPs

Identify IP addresses and ranges that should not use the VPN tunnel.

  • Usage: Optional. This parameter excludes specified IP addresses and ranges from the tunnel.
  • Configuration: List the IPs and ranges separated by commas, such as 1.1.1.1, 192.168.1.0/24.
  • Interaction: If AllowedApps is configured, DisallowedIPs will prevent the listed IPs and ranges from being tunneled for those applications.

SOCKS5 Proxy Configuration

For users needing to route their WireGuard handshake through a SOCKS5 proxy, additional parameters are provided:

  • Socks5Proxy: Set the SOCKS5 proxy endpoint, e.g., socks5.sshvpn.me:1080 or an IP-based endpoint like 13.134.12.31:1080.
  • Socks5ProxyUsername: (Optional) Specify the proxy username.
  • Socks5ProxyPassword: (Optional) Specify the proxy password.

Sample Configuration

Here’s an example configuration that tunnels only Google Chrome browser traffic, excluding local network traffic:

[Interface]
PrivateKey = [Your Private Key Here]
Address = 10.66.66.2/32, fd42:42:42::2/128
DNS = 94.140.14.14, 94.140.15.15
MTU = 1420

[Peer]
PublicKey = [Peer Public Key Here]
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = [VPN Endpoint Here]:51820
AllowedApps = chrome
DisallowedIPs = 192.168.1.0/24

Replace the placeholders with your actual details to ensure Chrome’s traffic is secured through the VPN while maintaining direct access to your local network.