diff --git a/docs/changes.txt b/docs/changes.txt
index 4d680bf..c032d29 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -132,3 +132,4 @@ v0.7.6
 * nfqws2: dtls protocol detection
 * nfqws2: autohostlist reset retransmitter to break long wait
 * zapret-auto: stadard_failure_detector reset retransmitter to break long wait
+* nfqws2, init.d, windivert : dht and wg detection changes
diff --git a/init.d/custom.d.examples.linux/50-dht4all b/init.d/custom.d.examples.linux/50-dht4all
index 8ac58ad..6f29bf7 100644
--- a/init.d/custom.d.examples.linux/50-dht4all
+++ b/init.d/custom.d.examples.linux/50-dht4all
@@ -21,9 +21,9 @@ zapret_custom_firewall()
 local f uf4 uf6
 local first_packet_only="$ipt_connbytes 1:1"
- f='-p udp -m length --length 109:407 -m u32 --u32'
- uf4='0>>22&0x3C@8>>16=0x6431'
- uf6='48>>16=0x6431'
+ f='-p udp -m u32 --u32'
+ uf4='0>>22&0x3C@4>>16=13:0xFFFF && 0>>22&0x3C@8>>16=0x6431:0x6432'
+ uf6='44>>16=13:0xFFFF && 48>>16=0x6431:0x6432'
 fw_nfqws_post $1 "$f $uf4 $first_packet_only" "$f $uf6 $first_packet_only" $QNUM_DHT4ALL
 }
 zapret_custom_firewall_nft()
@@ -33,6 +33,6 @@ zapret_custom_firewall_nft()
 local f
 local first_packet_only="$nft_connbytes 1"
- f="meta length 109-407 meta l4proto udp @ih,0,16 0x6431"
+ f="udp length ge 13 meta l4proto udp @ih,0,16 0x6431-0x6432"
 nft_fw_nfqws_post "$f $first_packet_only" "$f $first_packet_only" $QNUM_DHT4ALL
 }
diff --git a/init.d/windivert.filter.examples/windivert_part.dht.txt b/init.d/windivert.filter.examples/windivert_part.dht.txt
new file mode 100755
index 0000000..ccf50d1
--- /dev/null
+++ b/init.d/windivert.filter.examples/windivert_part.dht.txt
@@ -0,0 +1 @@
+udp.Length>=5 and udp.Payload[0]=0x64 and udp.Payload[1]>=0x31 and udp.Payload[1]<=0x32
\ No newline at end of file
diff --git a/init.d/windivert.filter.examples/windivert_part.quic_initial_ietf.txt b/init.d/windivert.filter.examples/windivert_part.quic_initial_ietf.txt
index 6e01bef..566844e 100644
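Review bot: The new `uf4` and `uf6` values in zapret_custom_firewall() put spaces around `&&`, yet they travel to fw_nfqws_post inside one string together with `-p udp -m u32 --u32`, so the helper has to word-split (or eval) that string to obtain iptables arguments. If it splits on whitespace, the u32 expression arrives as three separate words instead of a single `--u32` argument, and under eval the `&&` would be read as a shell operator; the helper and the start of this function are outside the hunk, so this is inferred rather than confirmed. Writing the tests without spaces avoids both cases: `uf4='0>>22&0x3C@4>>16=13:0xFFFF&&0>>22&0x3C@8>>16=0x6431:0x6432'` and `uf6='44>>16=13:0xFFFF&&48>>16=0x6431:0x6432'`. The fixed offsets 44 and 48 in `uf6` also assume the UDP header directly follows the 40-byte IPv6 header, which deserves a one-line comment such as `# ipv6 rule assumes no extension headers`.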
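Review bot: `udp.Length>=5` in windivert_part.dht.txt most likely does not express the intended bound, because in the WinDivert filter language `udp.Length` is the UDP header's length field, which already counts the 8-byte header, so the test holds for every well-formed datagram. The Linux rules in this same commit compare that field with 13 (8 + 5), and IsDht() in nfq2/protocol.c requires five payload bytes. The payload size is `udp.PayloadLength`, which the other filter parts on this page already use, so the first term should read `udp.PayloadLength>=5`.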
--- a/init.d/windivert.filter.examples/windivert_part.quic_initial_ietf.txt
+++ b/init.d/windivert.filter.examples/windivert_part.quic_initial_ietf.txt
@@ -1,4 +1,4 @@
 outbound and udp.PayloadLength>=256 and udp.Payload[0]>=0xC0 and udp.Payload[0]<0xD0 and
- udp.Payload[1]=0 and udp.Payload16[1]=0 and udp.Payload[4]=1
+ udp.Payload[1]=0 and udp.Payload16[1]=0 and udp.Payload[4]=1
\ No newline at end of file
diff --git a/init.d/windivert.filter.examples/windivert_part.wireguard.txt b/init.d/windivert.filter.examples/windivert_part.wireguard.txt
index 9b07c08..890444e 100644
--- a/init.d/windivert.filter.examples/windivert_part.wireguard.txt
+++ b/init.d/windivert.filter.examples/windivert_part.wireguard.txt
@@ -1,3 +1,3 @@
- outbound and
- udp.PayloadLength=148 and
- udp.Payload[0]=0x01
\ No newline at end of file
+udp.PayloadLength=148 and udp.Payload[0]=0x01 or
+udp.PayloadLength=92 and udp.Payload[0]=0x02 or
+udp.PayloadLength=64 and udp.Payload[0]=0x03
\ No newline at end of file
diff --git a/nfq2/protocol.c b/nfq2/protocol.c
index cdb8295..46e1d44 100644
--- a/nfq2/protocol.c
+++ b/nfq2/protocol.c
@@ -1408,7 +1408,11 @@ bool IsWireguardKeepalive(const uint8_t *data, size_t len)
 }
 bool IsDht(const uint8_t *data, size_t len)
 {
- return len>=7 && data[0]=='d' && (data[1]=='1' || data[1]=='2') && data[2]==':' && data[len-1]=='e';
+ return len>=5 && data[0]=='d' && data[2]==':' && data[len-1]=='e' &&
+ (data[1]=='1' && data[3]=='a' && data[4]=='d' ||
+ data[1]=='1' && data[3]=='r' && data[4]=='d' ||
+ data[1]=='2' && data[3]=='i' && data[4]=='p' ||
+ data[1]=='1' && data[3]=='e' && data[4]=='l');
 }
 bool IsDiscordIpDiscoveryRequest(const uint8_t *data, size_t len)
 {
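Review bot: The rewritten windivert_part.wireguard.txt is a bare chain of `and`/`or` terms with no enclosing parentheses, and it no longer carries `outbound and`, so what it matches depends on how the part is joined to the rest of the filter. If whatever assembles these parts attaches a further condition with `and` (a direction or port test, for instance), that condition binds only to the adjacent alternative and the remaining branches match without it; the assembly step is not visible on this page. Parenthesising makes the part safe to compose: wrap the whole expression in one outer pair and each alternative in its own, e.g. `(udp.PayloadLength=148 and udp.Payload[0]=0x01) or`. If dropping the direction test was deliberate, the commit message should say where direction is now enforced.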
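Review bot: The new condition in IsDht() mixes `&&` and `||` without inner parentheses and carries no comment saying what the four byte patterns are. It evaluates as intended under C precedence and `data[4]` is covered by `len>=5`, but `-Wparentheses` will flag every alternative, and a reader has to decode the prefixes by hand. I would parenthesise each `&&` group and add a comment such as `// bencoded dict whose first key is "a", "r", "e" or "ip": d1:ad, d1:rd, d1:el, d2:ip`. Because `data[len-1]=='e'` and the `data[4]` tests cannot both hold when len is 5, the effective minimum is 6 bytes, which is worth stating in the same comment so that the bound is not "tightened" incorrectly later.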