[PATCH 1/1] wg(8): rephrase wording on AllowedIPs
Lonnie Abelbeck
lists at lonnie.abelbeck.com
Sun Feb 18 17:10:35 CET 2018
On Feb 18, 2018, at 6:02 AM, Daniel Lublin <daniel at lublin.se> wrote:
> +AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with CIDR
> +masks, declaring the sources of incoming traffic that are allowed through the
> +peer, and as well defining which destinations of outgoing traffic that will be
> +directed through the peer. The catch-all \fI0.0.0.0/0\fP may be specified for
> +matching all IPv4 addresses, and \fI::/0\fP may be specified for matching all
> +IPv6 addresses. May be specified multiple times. Required.
Personally, in an effort to make this more clear, from this reference:
Cryptokey Routing
https://www.wireguard.com/#cryptokey-routing
This quote offered clarity to me ...
--
When sending packets, the list of allowed IPs behaves as a sort of routing table, and when receiving packets, the list of allowed IPs behaves as a sort of access control list.
--
Lonnie
More information about the WireGuard
mailing list