Option to fwmark incoming packets?
matthias at urlichs.de
Thu Dec 6 18:41:05 CET 2018
I seem to require firewalling some peers' incoming traffic with special rules.
While it's certainly possible to add a bunch of iptables/nftables rules to
classify traffic from the WG interface (just mirror the peers' AllowedIP
entries …) this is redundant (thus possibly inconsistent) and bad for
How about a per-peer "fwmark" setting that marks that peer's incoming packets?
-- Matthias Urlichs
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the WireGuard