diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2018-10-05 19:19:08 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-10-05 19:20:52 +0200 |
| commit | 3e2f5495ea684d7f06fbefc50290e7d8985fc3de (patch) | |
| tree | 02961b773b94ed378900b2d2166e556ae22aa702 | |
| parent | curve25519-arm: rearrange multiplications for better in-order performance (diff) | |
| download | wireguard-monolithic-historical-3e2f5495ea684d7f06fbefc50290e7d8985fc3de.tar.xz wireguard-monolithic-historical-3e2f5495ea684d7f06fbefc50290e7d8985fc3de.zip | |
wg-quick.8: add policy routing example
Suggested-by: Toke Høiland-Jørgensen <toke@toke.dk>
Suggested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
| -rw-r--r-- | src/tools/man/wg-quick.8 | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/tools/man/wg-quick.8 b/src/tools/man/wg-quick.8 index 8f0c487..00d7dba 100644 --- a/src/tools/man/wg-quick.8 +++ b/src/tools/man/wg-quick.8 @@ -205,6 +205,32 @@ Notice the two `Address' lines at the top, and that `SaveConfig' is set to `true that the configuration file should be saved on shutdown using the current status of the interface. +A combination of the `Table', `PostUp', and `PreDown' fields may be used for policy routing +as well. For example, the following may be used to send SSH traffic (TCP port 22) traffic +through the tunnel: + + [Interface] +.br + Address = 10.192.122.1/24 +.br + PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk= +.br + ListenPort = 51820 +.br + \fBTable = 1234\fP +.br + \fBPostUp = ip rule add ipproto tcp dport 22 table 1234\fP +.br + \fBPreDown = ip rule delete ipproto tcp dport 22 table 1234\fP +.br + +.br + [Peer] +.br + PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg= +.br + AllowedIPs = 0.0.0.0/0 + These configuration files may be placed in any directory, putting the desired interface name in the filename: |