[Question or Feature Request] Any wg1.conf option to limit peer IP as 1-to-1?

KeXianbin(http://diyism.com) kexianbin at diyism.com
Mon Dec 17 10:02:46 CET 2018

It's my fault, sorry.
I didn't use the AllowedIPs option, i'm using "ip route add" in my script.

On Mon, Dec 17, 2018 at 4:54 PM Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> On Mon, Dec 17, 2018 at 9:49 AM KeXianbin(http://diyism.com)
> <kexianbin at diyism.com> wrote:
> > I found the definition in manual:
> > AllowedIPs — a comma-separated list of IP (v4 or v6) addresses with CIDR masks
> > from which incoming traffic for this peer is allowed and to which
> > outgoing traffic for this peer is directed
> >
> > from: https://manpages.debian.org/unstable/wireguard-tools/wg.8.en.html
> Yes, that is indeed what the man page says and it is the expected
> behavior. You've reported here, however, "Currently,  the peer can set
> any IP, for example, and can send packets to my
> from," which sounds bad and like something
> worth taking seriously, if I'm interpreting that correctly. Would you
> take the time to create a reproducer similar to what I posted in my
> last email?
> Thanks,
> Jason

More information about the WireGuard mailing list