Linux kernel 5 different behavior
Jason A. Donenfeld
Jason at zx2c4.com
Sun Aug 25 21:07:40 CEST 2019
On Sun, Aug 25, 2019 at 1:03 PM Vasili Pupkin <diggest at gmail.com> wrote:
> Yes. On kernel version 4, outer packets (i.e. encrypted packets) are
> sent from privileged user
> account credentials so they pass the iptables sandbox. On kernel 5
> they inherit owner id of the user who sent unencrypted packets.
Can you use the `fwmark` option and adjust your rules to match on
!1234 or the like?
More information about the WireGuard
mailing list