I have a VPN setup, which requires me to instruct how traffic should be routed.
It won't work immediately by bringing up the WireGuard interface, and the server can't be configured to do the routing there.
I'm trying to migrate this script to a split-vpn setup, but I'm not sure if it is even possible at all.
This is how it currently works:
wg-quick up ~/marla.conf
ip a add 123.123.123.123/32 dev lo
ip r add default dev marla table krok
ip r add 172.0.0.2/30 dev marla table krok
ip rule add iif lo from 123.123.123.123 table krok
ip rule add from 123.123.123.123 table krok
# br0 going out of the VPN and not through WAN
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o marla -j SNAT --to-source 123.123.123.123
iptables -A FORWARD -i br0 -o ppp0 -j DROP
iptables -A FORWARD -i marla -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
ip rule add iif br0 table krok
Any help would be greatly appreciated.