match on wg packets and redirect
Matthias Urlichs
matthias at urlichs.de
Sun Nov 4 14:56:26 CET 2018
On 04.11.18 14:46, Adrian Sevcenco wrote:
> so, i would like to redirect (in raw/prerouting) the incoming wg
> packets from 443 to actual wg listening port
Simply set your WG listening port to 443.
There's nothing else that sends UDP packets to port 443, so why would
you need to match anything?
If you really want to use two ports,
iptables -t nat -I PREROUTING -p udp --dport 443 -i
YOUR_EXTERNAL_INTERFACE -d YOUR_PUBLIC_IP -j REDIRECT --to-ports
YOUR_REAL_WG_PORT
should work. Or you could set up a separate WG interface.
--
-- Matthias Urlichs
More information about the WireGuard
mailing list