From 4b370b163c3fdf3b1e5c66f6afe4e11c0a31fbca Mon Sep 17 00:00:00 2001 From: Aram Peres Date: Sat, 16 Oct 2021 19:46:53 -0400 Subject: [PATCH] Reword readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8b7681e..c86dc63 100644 --- a/README.md +++ b/README.md @@ -130,8 +130,8 @@ forward it to the server's port, which handles the TCP segment. The server respo the peer's local WireGuard interface, gets encrypted, forwarded to the WireGuard endpoint, and then finally back to onetun's UDP port. When onetun receives an encrypted packet from the WireGuard endpoint, it decrypts it using boringtun. -The resulting IP packet is dispatched to the corresponding virtual interface running inside onetun; once the corresponding -interface is matched, the IP packet is read and unpacked, and the virtual client's TCP state is updated. +The resulting IP packet is dispatched to the corresponding virtual interface running inside onetun; +the IP packet is then read and processed by the virtual interface, and the virtual client's TCP state is updated. Whenever data is sent by the real client, it is simply "sent" by the virtual client, which kicks off the whole IP encapsulation and WireGuard encryption again. When data is sent by the real server, it ends up routed in the virtual interface, which allows