Configuration parsing error using iptables

[Mintminds]

Problem/Motivation

Trying to get my HA server connected to a belgium surfshark VPN through wireguard so I can record Grandprix radio commentary during F1 sessions

Expected behavior

Connecting to Surfshark using wireguard add-on

Actual behavior

[11:43:28] INFO: Starting WireGuard... [11:43:28] TRACE: bashio::config.has_value: server.interface [11:43:28] TRACE: bashio::config: server.interface [11:43:28] TRACE: bashio::addon.config [11:43:28] TRACE: bashio::cache.exists: addons.self.options.config [11:43:28] TRACE: bashio::fs.file_exists: /tmp/.bashio/addons.self.options.config.cache [11:43:28] TRACE: bashio::cache.get: addons.self.options.config [11:43:28] TRACE: bashio::cache.exists: addons.self.options.config [11:43:28] TRACE: bashio::fs.file_exists: /tmp/.bashio/addons.self.options.config.cache [11:43:28] TRACE: bashio::jq: {"server":{"host":"homeassistant.local","addresses":["10.14.0.2/16"],"dns":["162.252.172.57","149.154.159.92"],"private_key":"","post_up":"iptables -A FORWARD -i wg0 -j ACCEPT iptables -A FORWARD -o wg0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ","post_down":"iptables -D FORWARD -i wg0 -j ACCEPT iptables -D FORWARD -o wg0 -j ACCEPT iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE "},"peers":[{"name":"surfshark","public_key":"cTDaqf4qOaNGUbzt/qMRUCcOzL9wknQtG00po/bBt3Y=","endpoint":"be-anr.prod.surfshark.com:51820","addresses":["172.27.66.2/32"],"allowed_ips":["0.0.0.0/0"],"client_allowed_ips":["0.0.0.0/0"]}],"log_level":"trace"} if (.server.interface == null) then null elif (.server.interface | type == "string") then .server.interface // empty elif (.server.interface | type == "boolean") then .server.interface // false elif (.server.interface | type == "array") then if (.server.interface == []) then empty else .server.interface[] end elif (.server.interface | type == "object") then if (.server.interface == {}) then empty else .server.interface end else .server.interface end [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 Line unrecognized: `iptables-AFORWARD-owg0-jACCEPT' Configuration parsing error [#] ip link delete dev wg0

Steps to reproduce

My configuration file expect for the private key that I removed:

server: host: homeassistant.local addresses:

• 10.14.0.2/16 dns:
• 162.252.172.57
• 149.154.159.92 private_key: yOftsP7nk/I1gMXAtVZ6C9vl8GQDGRlrrDQoFhjw0Xo= post_up: | iptables -A FORWARD -i wg0 -j ACCEPT iptables -A FORWARD -o wg0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE post_down: | iptables -D FORWARD -i wg0 -j ACCEPT iptables -D FORWARD -o wg0 -j ACCEPT iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE peers:
  • name: surfshark public_key: cTDaqf4qOaNGUbzt/qMRUCcOzL9wknQtG00po/bBt3Y= endpoint: be-anr.prod.surfshark.com:51820 addresses:
    • 172.27.66.2/32 allowed_ips:
    • 0.0.0.0/0 client_allowed_ips:
    • 0.0.0.0/0 persistent_keepalive: 25 log_level: trace server: host: homeassistant.local addresses:
• 10.14.0.2/16 dns:
• 162.252.172.57
• 149.154.159.92 private_key: post_up: | iptables -A FORWARD -i wg0 -j ACCEPT iptables -A FORWARD -o wg0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE post_down: | iptables -D FORWARD -i wg0 -j ACCEPT iptables -D FORWARD -o wg0 -j ACCEPT iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE peers:
  • name: surfshark public_key: cTDaqf4qOaNGUbzt/qMRUCcOzL9wknQtG00po/bBt3Y= endpoint: be-anr.prod.surfshark.com:51820 addresses:
    • 172.27.66.2/32 allowed_ips:
    • 0.0.0.0/0 client_allowed_ips:
    • 0.0.0.0/0 persistent_keepalive: 25 log_level: trace

Proposed changes

(If you have a proposed change, workaround or fix, describe the rationale behind it)

I've used iptables because sysctl -n net.ipv4.conf.all.src_valid_mark is read-only and I can't make any changes there.

If needed I can provide the private key in a dm for testing purposes.

[github-actions[bot]]

There hasn't been any activity on this issue recently, so we clean up some of the older and inactive issues. Please make sure to update to the latest version and check if that solves the issue. Let us know if that works for you by leaving a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thanks!