Suggestion for WireGuard

Guy Godfroy guy.godfroy at
Thu Sep 2 04:10:05 UTC 2021


I'm not implied in wireguard dev, but I thinks that wouldn't match wireguard mechanism. Indeed AllowedIP isn't only about routing, it is used to match a cryptographic fingerprint to a given IP. Also, having multiple peers containing such thing as DisallowedIP could lead to nonsense.

What don't you use the firewall to block the IP range instead?

More information about the WireGuard mailing list