more specific routes for IPs added to "AllowedIPs =" ?
PGNet Dev
pgnet.dev at gmail.com
Thu Oct 1 16:38:45 CEST 2020
On 10/1/20 6:07 AM, B K E wrote:
> it's probably the easiest to let wg-quick do its work, then by hand modify the routes so they are correct, and then put the necessary route commands in a PostUp script.
yep.
Once I figured out that on _linux_, turning OFF auto-route generation is done with
Table = off
not
route-allowed-ips = false
turning it OFF, then simply generating _required_ routes, and adding fw restrictions, in PostUp/PostDown works well enough.
It's a _bit_ messy, but seems the most straighforward.
More information about the WireGuard
mailing list