more specific routes for IPs added to "AllowedIPs =" ?

PGNet Dev at
Thu Oct 1 16:38:45 CEST 2020

On 10/1/20 6:07 AM, B K E wrote:
>  it's probably the easiest to let wg-quick do its work, then by hand modify the routes so they are correct, and then put the necessary route commands in a PostUp script.


Once I figured out that on _linux_, turning OFF auto-route generation is done with

	Table = off


	route-allowed-ips = false

turning it OFF, then simply generating _required_ routes, and adding fw restrictions, in PostUp/PostDown works well enough.

It's a _bit_ messy, but seems the most straighforward.

More information about the WireGuard mailing list