[FR] How can I expose the wireguard tunnel as a socks5 proxy on the client?

Roman Mamedov rm at romanrm.net
Fri Oct 9 16:32:48 CEST 2020

On Fri, 9 Oct 2020 16:19:22 +0200
Chris <wireguard at spam-free.eu> wrote:

> Maybe I oversimplify your problem, but from what I read, your standard route 
> will be using the Iranian net.
> And - I guess - it is only a limited numer of IP addresses, that you would like 
> to reach through the tunnel.
> I don't know your OS, but simply adding ip routes pointing to the tunnel for the 
> desired destinations would do the job.

OK, a desired destination would be *.youtube.com, how would you go about that?

You can't add routes to domain names of websites, not to mention to wildcards
of domain names; and websites can resolve into a lot of IPs, which will change
randomly due to load balancing, or due to sites migrating their hosting over
time. So just resolving them right now and using specific IPs likely wouldn't
work for long.

One solution is the browser extensions that I mentioned coupled with a SOCKS
proxy on remote side. Another is what David suggests with dnsmasq and ipset,
which seems like it'll be more transparent from the usage standpoint, but also
more complex to set up.

With respect,

More information about the WireGuard mailing list