Force a specific IP for outgoing WG traffic with SNAT?
Roman Mamedov
rm at romanrm.net
Fri Mar 17 19:54:51 UTC 2023
On Sat, 18 Mar 2023 01:13:53 +0530
Ashish SHUKLA <ashish.is at lostca.se> wrote:
> Did you try filtering based on fwmark ?
>
> CONFIGURATION FILE FORMAT
> The configuration file format is based on INI. There are two
> top level sections -- Interface and Peer. Multiple Peer sections may be
> specified, but only one Interface section may be specified.
>
> The Interface section may contain the following fields:
>
> • PrivateKey — a base64 private key generated by wg
> genkey. Required.
>
> • ListenPort — a 16-bit port for listening. Optional; if
> not specified, chosen randomly.
>
> • FwMark — a 32-bit fwmark for outgoing packets. If set
> to 0 or "off", this option is disabled. May be specified in hexadecimal
> by prepending "0x". Optional.
I was not aware there was such an option. For now the task described in the
original message is no longer required, I will try fwmark next time when it
might be. Thanks!
--
With respect,
Roman
More information about the WireGuard
mailing list