WireSock VPN Client Release History


  • Fix: Resolved Memory Alignment Issue in Virtual Network Adapter on ARM64 Platform


  • This update enhances user experience by dynamically naming the virtual network interface based on the configuration file used. This feature is especially advantageous for users managing multiple configurations, offering a more intuitive and straightforward method to identify and interact with different network interfaces. This functionality is specifically tailored to the virtual adapter mode, streamlining network management in complex setups.


  • The command-line interface of WireSock VPN Client has been enhanced with an ‘import’ command. Aimed at enhancing security and user convenience, this feature encrypts the chosen VPN configuration with the credentials of the service user account and secures it within a designated protected folder. After encryption, users can easily access and manage their VPN configuration using a simplified path reference, optimizing workflow efficiency.


  • Introduced ListenPort configuration parameter for Wireguard.
  • Enhanced packet handling performance across the codebase.


  • Implemented Parameter Verification for Boringtun Library Calls: By adding another layer of parameter verification, we’ve significantly boosted system stability and mitigated potential panics within the boringtun library.
  • Upgraded to Boringtun Library Version 0.6.0: With this upgrade, users can expect enhanced performance and increased reliability from the VPN client.


  • This release presents a service update, featuring subtle yet significant code refactoring for improved maintainability and performance.


  • Cleared Empty MTU Configuration Issue: A glitch that was triggering an exception when an empty Maximum Transmission Unit (MTU) value was identified in the configuration file has been rectified.


  • Bug Fix: Resolved an issue related to the resolution of IPv6 connection process contexts, which was introduced in version 1.2.25.
  • Enhanced the MTU management of IPv6 connections via the WireGuard tunnel.


  • Bug Fix: Addressed an exception that occurred when a DNS was not specified for the virtual network adapter.
  • Enhanced the MTU management of incoming connections via the WireGuard tunnel.


  • Bug Fix: Resolved an issue that was causing unexpected application shutdowns when managing fragmented TCP packets originating from the tunnel.


  • Bug Fix: Identified and fixed an issue where an exception occurred while resolving process names, which could potentially cause the application to terminate unexpectedly.


  • Resolved an issue involving malformed IPv6 packets that could lead to the application’s unexpected termination.



  • Enhanced performance on ARM64 devices: By using the native ARM64 build of Boringtun, WireSock can now offer improved performance and efficiency on ARM64 devices.


  • Introducing ARM64 support: We have now added support for the ARM64 architecture. Currently, the ARM64EC variant is being used due to the Boringtun dependency, Ring, which cannot be compiled for the native ARM64. This update enhances WireSockUI‘s compatibility with a wider range of devices and platforms.


  • The wgbooster.dll interface has been enriched to provide extended functionality for EpexGUI. These enhancements enable the application to better manage the WireSock VPN Client and improve the user experience.


  • Support for non-ASCII characters in the path name of the Wireguard configuration file has been added to enhance compatibility on Windows systems.


  • Fixed bug in parsing IPv6 endpoint.


  • When running in application mode and the configuration file is missing or corrupted, the application exits, instead of trying to load the configuration again.
  • AllowedApps/DisallowedApps behavior has changed:
    1. If both AllowedApps and DisallowedApps are specified, packets that do not match the AllowedApps criteria are not forwarded to the tunnel.
    2. When a DNS server is specified in the configuration file, all DNS requests are forwarded through the tunnel. To change this default behavior, you can specify the process name of the DNS Client service (dnscache) in the DisallowedApps. In the latter case, DNS queries initiated by the DNS Client service will not be forwarded through the tunnel.


  • Updated to the latest Boringtun master branch (October 8, 2022).
  • Fixed a race condition when connecting to a WireGuard server in adapterless mode. This could lead to unwanted reconnections.
  • AllowedApps/DisallowedApps can now check path name instead of just filename. Path name validation is performed if at least one slash or backslash character is specified to prevent unwanted path/filename matches in certain environments.


  • Updated to Boringtun v0.5.2.
  • Added DHCP/ARP bypass (in the previous version, an active tunnel could prevent DHCP from working properly under some circumstances).