1
0
Fork 0
knowledge-base/KB/Linux/Wireguard.md

30 lines
795 B
Markdown

---
creation date: 2022-09-05
tags: [note,linux,wireguard,wg,docker]
---
`wireguard-tools` is required.
*Be aware that any additional setup will change `iptables` and might be against docker's default rules when running as `root`!*
## Forwarding
When forwarding should be allowed, the "host" needs to set the following via `sysctl` or in a `PostUp` / `PostDown` hook of WireGuard.
```shell
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
```
In addition, the `AllowedIPs` in the client's `peer` section should be `0.0.0.0/0, ::/0`.
## Import into Network Manager
When using Network Manager, WireGuard profiles can be imported
```
nmcli connection import type wireguard file <path to conf>
```
Ensure you've unchecked _Automatically connect_ afterwards in `nm-connection-editor`.