Setting the transit namespace at runtime
Julian Orth
ju.orth at gmail.com
Thu Sep 6 22:42:41 CEST 2018
Hi,
After receiving some positive feedback on IRC, I've gone ahead and implemented
this. You can see the code here:
https://github.com/mahkoh/wireguard/commits/transit-namespace
You can test it as follows:
* Create a new netns: ip netns add test
* Enter it: ip netns exec test bash
* Use wg-quick to create a wireguard device
* Try to connect anywhere: It doesn't work
* Set the transit namespace to the init namespace:
wg set wg0 transit-net /proc/1/ns/net
* Try to connect anywhere: It works
I haven't written any documentation yet but I hope that the commits are clear
enough.
Julian
More information about the WireGuard
mailing list