From 1305793798a8711a838ae2203c0862a174013746 Mon Sep 17 00:00:00 2001 From: urosm Date: Sat, 12 Aug 2023 03:46:15 +0200 Subject: [PATCH] add `wireguard` config --- .config/wireguard/README | 15 +++++++++++++++ .config/wireguard/client.conf | 9 +++++++++ .config/wireguard/server.conf | 15 +++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 .config/wireguard/README create mode 100644 .config/wireguard/client.conf create mode 100644 .config/wireguard/server.conf diff --git a/.config/wireguard/README b/.config/wireguard/README new file mode 100644 index 0000000..dcd55b9 --- /dev/null +++ b/.config/wireguard/README @@ -0,0 +1,15 @@ +quickstart + + sudo apt install wireguard-tools + + +serverside configuration + + sudo sysctl -w net.ipv4.ip_forward=1 + sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf + + +generating keys + + wg genkey > client.key + wg pubkey < client.key > client.pub diff --git a/.config/wireguard/client.conf b/.config/wireguard/client.conf new file mode 100644 index 0000000..bd19ec2 --- /dev/null +++ b/.config/wireguard/client.conf @@ -0,0 +1,9 @@ +[Interface] +Address = 10.200.200.2/32 +PrivateKey = + +[Peer] +PublicKey = +Endpoint = :1194 +AllowedIPs = 0.0.0.0/0, ::/0 + diff --git a/.config/wireguard/server.conf b/.config/wireguard/server.conf new file mode 100644 index 0000000..03b30c8 --- /dev/null +++ b/.config/wireguard/server.conf @@ -0,0 +1,15 @@ +[Interface] +Address = 10.200.200.1/24 +ListenPort = 1194 +PrivateKey = + +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o i -j ACCEPT; iptables -t nat -D POSTROUTING -o -j MASQUERADE + +[Peer] +PublicKey = +AllowedIPs = 10.200.200.2/32 + +[Peer] +PublicKey = +AllowedIPs = 10.200.200.3/32