Whether to operate wireguard with routing or natting should be adjustable

NHAS / wag

Simple Wireguard 2FA

BSD 3-Clause "New" or "Revised" License

499 stars 27 forks source link

Whether to operate wireguard with routing or natting should be adjustable #39

Closed bluecraank closed 1 year ago

bluecraank commented 1 year ago

iptables.go line 39

    err = ipt.Append("nat", "POSTROUTING", "-s", config.Values().Wireguard.Range.String(), "-j", "MASQUERADE")
    if err != nil {
        return err
    }

Me again,

it would be great if you could set whether the traffic should be routed or natted, since routing can later be used to clearly identify which request comes from which client

example config.json

DEFAULT: false

"routing": "false"

If routing is true, just skip that code

Hope it is understandable.

NHAS commented 1 year ago

Yep that makes sense and I like it. Being able to turn on and off natting makes a lot of sense.

I'll add that.

NHAS commented 1 year ago

This is now on the unstable branch for you to try out.

I've called the option "NAT", so "NAT": true/false

bluecraank commented 1 year ago

Thanks! I am currently testing

bluecraank commented 1 year ago

Works perfectly!