[wireguard-dev] Ability to use one udp port for multiple wg interfaces

Jason A. Donenfeld Jason at zx2c4.com
Thu Sep 21 14:54:25 CEST 2017


Perhaps I'm not understanding your last message, but it's most
certainly possible to bind to a particular IP address with a service.
It's also possible to bind to _all_ IP addresses, and then use
iptables to control which source networks have access to a particular
port. Finally, within a service, if you only allow input from wg0
since allowed-ips gives strong cryptographic binding, you can
explicitly filter on the IP addresses you get from recvfrom.

I don't understand your meaning of "internal dev".
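
The first and third options from the message above, as an added example that is not part of the original post: a UDP service bound to one local address that also drops datagrams whose `recvfrom` source lies outside the tunnel subnet. The addresses `10.0.0.1` and `10.0.0.0/24`, port 9000, and all function names are assumptions for illustration; the source check is only meaningful for packets that arrived over wg0, where allowed-ips ties the source address to a peer key.

```python
import ipaddress
import socket

# Assumed values for illustration: 10.0.0.1 as this host's address on wg0 and
# 10.0.0.0/24 as the tunnel subnet. Neither appears in the original message.
WG_LOCAL_ADDR = "10.0.0.1"
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.0.0/24")]


def source_allowed(src_ip, allowed=ALLOWED_SOURCES):
    """Return True if src_ip (string from recvfrom) falls in an allowed network."""
    try:
        ip = ipaddress.ip_address(src_ip)
    except ValueError:
        return False
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) as seen on dual-stack sockets.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip.version == net.version and ip in net for net in allowed)


def bind_udp(local_addr, port):
    """Bind to one specific local address instead of 0.0.0.0."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((local_addr, port))
    return sock


def recv_filtered(sock, allowed=ALLOWED_SOURCES, bufsize=2048):
    """Read one datagram; return (data, addr), or None if the source is dropped."""
    data, addr = sock.recvfrom(bufsize)
    if not source_allowed(addr[0], allowed):
        return None  # drop silently; no reply to sources outside the tunnel
    return data, addr


if __name__ == "__main__":
    # Requires wg0 to be up with WG_LOCAL_ADDR assigned; the port is arbitrary.
    with bind_udp(WG_LOCAL_ADDR, 9000) as s:
        while True:
            msg = recv_filtered(s)
            if msg is not None:
                s.sendto(msg[0], msg[1])  # echo back to the tunnel peer
```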

