Update: exempting two things from WireGuard tunneling
saeidscorp at yahoo.com
Tue Mar 6 10:56:10 CET 2018
On Monday, March 5, 2018 11:12:25 PM +0330 Kalin KOZHUHAROV wrote:
> On Mon, Mar 5, 2018 at 7:59 PM, Nicholas Joll <najoll at posteo.net> wrote:
> > (2) Netflix (which I run via a Chrome app).
> ... cannot help you much here, but I guess it is some tcp, udp and rtp
> mix to some large cloud of IPs.
On Monday, March 5, 2018 11:13:41 PM +0330 Jason A. Donenfeld wrote:
> Use the ipset= feature of dnsmasq, and then use policy routing on that
Or this link might help: http://www.evolware.org/?p=369
I personally prefer cgroups when I occasionally need to use some website or
software with different routing needs. So I just simply start a new instance
of my browser in that cgroup to have its traffic bypassed the wireguard. (or
bypassing wg? not sure about the grammar :)
PS: I think iptables version 1.6.0(?) and onwards has cgroup match built in;
so no need to use the binary provided by the website.
More information about the WireGuard