Open alexm99 opened 5 months ago
Interesting usage! Because traffic only can go through 172.16.0.30/32, the healthcheck and other network calls fail, that's normal. Do you actually want to restrict VPN traffic to only be able to reach 172.16.0.30/32 or would you be fine allowing all addresses? 🤔
I use Gluetun as a sidecar container in Kubernetes.
I am trying to achieve the following behavior: the containers should work as usual, but when I try to make a request to 172.16.0.30 I want the traffic to go through the VPN. I tried to use WIREGUARD_ALLOWED_IPS to achieve it.
Oh this is not going to work with Gluetun well, especially since it has this whole firewall to block traffic not going through the tunnel. Let's keep it open for the future, since it's feasible, but hard and a lot of changes needed. At least for the healthcheck to pass, you could add 1.1.1.1 to the allowed ip, and that should do it. You could fiddle with ip routing (or ruling) on your host to have specific containers tunnel through Gluetun only for 172.16.0.30 (and allow all in allowed ips), but that's a bit out of scope (but feel free to comment, I can document it!)
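A simplified model of the behaviour described in this thread, added here as an illustration and not Gluetun's own code: a destination is carried by the tunnel only if it matches the allowed IPs, and with a firewall that blocks non-tunnel traffic everything else is dropped rather than sent out directly. The function names, the `kill_switch` flag and the sample destinations are assumptions made for this example.

```python
import ipaddress


def parse_allowed_ips(value):
    """Parse a comma-separated allowed-IPs string into network objects."""
    return [ipaddress.ip_network(part.strip(), strict=False)
            for part in value.split(",") if part.strip()]


def classify(dest, allowed_ips, kill_switch=True):
    """Return 'tunnel', 'blocked' or 'direct' for one destination address.

    Assumed model: only destinations inside the allowed IPs enter the
    tunnel. With kill_switch=True (a firewall that blocks traffic not
    going through the tunnel) the rest is dropped; with kill_switch=False
    it would leave through the normal interface instead.
    """
    addr = ipaddress.ip_address(dest)
    if any(addr in net for net in parse_allowed_ips(allowed_ips)):
        return "tunnel"
    return "blocked" if kill_switch else "direct"


def report(allowed_ips, destinations, kill_switch=True):
    """Classify several destinations at once."""
    return {d: classify(d, allowed_ips, kill_switch) for d in destinations}


# Constructed sample destinations: the target from the issue, the
# address suggested for the healthcheck, and a documentation-range
# address standing in for "any other host".
DESTINATIONS = ["172.16.0.30", "1.1.1.1", "203.0.113.10"]

if __name__ == "__main__":
    for allowed in ("172.16.0.30/32",
                    "172.16.0.30/32,1.1.1.1",
                    "0.0.0.0/0"):
        print(allowed, "->", report(allowed, DESTINATIONS))
    # What the reporter wanted (other traffic goes out directly) only
    # appears in the model when the blocking firewall is absent.
    print("no kill switch ->",
          report("172.16.0.30/32", DESTINATIONS, kill_switch=False))
```
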
Is this urgent?
None
Host OS
No response
CPU arch
None
VPN service provider
Custom
What are you using to run the container
docker run
What is the version of Gluetun
Running version v3.37.0 built on 2024-01-02T00:01:06.245Z (commit c826707)
What's the problem 🤔
Hi, I have an issue when I configure a custom Wireguard connection. I am trying to configure Wireguard to forward traffic only for specific IP 172.16.0.30. I use the following command:

```
docker run -p 8888:8888 -p 8388:8388 -it --rm --cap-add=NET_ADMIN \
  -e VPN_SERVICE_PROVIDER=custom \
  -e VPN_TYPE=wireguard \
  -e VPN_ENDPOINT_IP=111.111.111.111 \
  -e VPN_ENDPOINT_PORT=51820 \
  -e WIREGUARD_PUBLIC_KEY= \
  -e WIREGUARD_PRIVATE_KEY= \
  -e WIREGUARD_ADDRESSES= \
  -e WIREGUARD_PRESHARED_KEY= \
  -e WIREGUARD_ALLOWED_IPS="172.16.0.30/32" \
  qmcgaw/gluetun:v3.37
```

It works only if I remove WIREGUARD_ALLOWED_IPS:
Share your logs (at least 10 lines)
Share your configuration