Suggestion: Extended AllowedIPs syntax

Posegga, Joachim jp at sec.uni-passau.de
Mon Feb 8 21:10:46 UTC 2021


I would very much appreciate a way to exclude subnets from being routed through a wg tunnel. Would be much more convenient than changing the system's routing table by hand, e.g. if you want to keep connectivity to your local subnet when establishing a tunnel for 0.0.0.0/0.

-----Original Message-----
From: WireGuard [mailto:wireguard-bounces at lists.zx2c4.com] On Behalf Of pg131072
Sent: Sunday, 7 February, 2021 15:21
To: wireguard at lists.zx2c4.com
Subject: Fw: Suggestion: Extended AllowedIPs syntax

I find the AllowedIPs CIDR format difficult to grok. What if WireGuard allowed...

 +IP/mask - add a range
 +IP-IP - add a range
 -IP/mask - remove a range
 -IP-IP - remove a range

Multiple terms would be interpreted left to right.

i.e.

AllowedIPs: +1.2.3.0/24 -1.2.3.1-1.2.3.10 -1.2.3.255

Example C++ code: https://pastebin.com/mCLCg5vr

Thanks

PG

Note: I originally posted to Reddit: 
https://www.reddit.com/r/WireGuard/comments/lemdmv/suggestion_extended_allowedips_syntax/
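
The left-to-right evaluation proposed in the original message, reduced to the plain CIDR list that AllowedIPs accepts today. This is an added example, not part of either post and not the linked pastebin code; the function names, the IPv4-only scope and the rejection of CIDRs with host bits set are assumptions.

```python
import ipaddress

def _term_range(body):
    """Return (first, last) as integers for 'IP', 'IP/mask' or 'IP-IP'."""
    if "-" in body:
        lo, hi = (int(ipaddress.IPv4Address(p)) for p in body.split("-", 1))
        if lo > hi:
            raise ValueError(f"range start is after range end: {body}")
        return lo, hi
    # Assumption: a CIDR with host bits set (1.2.3.4/24) is rejected, not masked.
    net = ipaddress.IPv4Network(body, strict=True)
    return int(net.network_address), int(net.broadcast_address)

def _merge(ranges):
    """Sort intervals and join the ones that overlap or touch."""
    merged = []
    for a, b in sorted(ranges):
        if merged and a <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], b))
        else:
            merged.append((a, b))
    return merged

def expand_allowed_ips(spec):
    """Apply +/- terms left to right and return plain CIDR strings."""
    ranges = []  # disjoint (first, last) integer intervals
    for term in spec.split():
        sign, body = term[0], term[1:]
        if sign not in ("+", "-") or not body:
            raise ValueError(f"term needs a leading + or -: {term}")
        lo, hi = _term_range(body)
        if sign == "+":
            ranges = _merge(ranges + [(lo, hi)])
            continue
        kept = []
        for a, b in ranges:
            if a < lo:   # part of the interval lies below the removed range
                kept.append((a, min(b, lo - 1)))
            if b > hi:   # part of the interval lies above the removed range
                kept.append((max(a, hi + 1), b))
        ranges = kept
    cidrs = []
    for a, b in ranges:
        cidrs += ipaddress.summarize_address_range(
            ipaddress.IPv4Address(a), ipaddress.IPv4Address(b))
    return [str(c) for c in cidrs]

if __name__ == "__main__":
    print(", ".join(expand_allowed_ips("+1.2.3.0/24 -1.2.3.1-1.2.3.10 -1.2.3.255")))
```

The three-term example from the message expands to 13 prefixes, and excluding a single /24 from 0.0.0.0/0 takes 24.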



