Bring up wireguard interface with wg script: Difference between revisions

From AcrodusWiki
(Created page with "This is the example script and associated config file for the vpn client. This was connecting to a vpn server hosted on the home network. wg_acrodus_up.sh #!/bin/bash ip l add dev wg0 type wireguard wg setconf wg0 wg_acrodus.conf ip a add 10.0.0.2/32 dev wg0 ip l set dev wg0 up wg set wg0 fwmark 51821 ip -4 rule add not fwmark 51821 table 51821 ip -4 route add 0.0.0.0/0 dev wg0 table 51821 ip -6 rule add not fwmark 51821 table 51821 ip -6 route add ::/0 dev wg0 tab...")
 
No edit summary
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
This is the example script and associated config file for the vpn client. This was connecting to a vpn server hosted on the home network.
This is the example script and associated config file for the vpn client. This was connecting to a vpn server hosted on the home network.


<pre>
wg_acrodus_up.sh  
wg_acrodus_up.sh  
#!/bin/bash
#!/bin/bash


ip l add dev wg0 type wireguard
ip l add dev wg0 type wireguard
Line 16: Line 17:
ip -6 rule add not fwmark 51821 table 51821
ip -6 rule add not fwmark 51821 table 51821
ip -6 route add ::/0 dev wg0 table 51821
ip -6 route add ::/0 dev wg0 table 51821
</pre>


<pre>
wg_acrodus.conf


wg_acrodus.conf
[Interface]
[Interface]
PrivateKey = KMbtL28SVof35/RM9/aqFvbpuSH4PRpuzDGtfq9UhXQ=
PrivateKey = KMbtL28SVof35/RM9/aqFvbpuSH4PRpuzDGtfq9UhXQ=
Line 29: Line 32:
EndPoint = vpn.acrodus.uk:51821
EndPoint = vpn.acrodus.uk:51821
PersistentKeepalive = 10
PersistentKeepalive = 10
 
</pre>


A note to future Alex, wg-quick .conf files have different parameters to wg .conf files. Also remember the importance of the fwmark.
A note to future Alex, wg-quick .conf files have different parameters to wg .conf files. Also remember the importance of the fwmark.
Update from future Alex, fwmark was not required for VPN server tunnels, think about it.

Latest revision as of 16:07, 5 August 2025

This is the example script and associated config file for the vpn client. This was connecting to a vpn server hosted on the home network. 

wg_acrodus_up.sh 

#!/bin/bash

ip l add dev wg0 type wireguard
wg setconf wg0 wg_acrodus.conf
ip a add 10.0.0.2/32 dev wg0
ip l set dev wg0 up
wg set wg0 fwmark 51821

ip -4 rule add not fwmark 51821 table 51821
ip -4 route add 0.0.0.0/0 dev wg0 table 51821

ip -6 rule add not fwmark 51821 table 51821
ip -6 route add ::/0 dev wg0 table 51821

wg_acrodus.conf 

[Interface]
PrivateKey = KMbtL28SVof35/RM9/aqFvbpuSH4PRpuzDGtfq9UhXQ=
ListenPort = 51821
fwMark = 51821

[Peer]
PublicKey = cNfZAhVdRi83k35yHOF9rFeOk9KT94vvSj1ALw8GSnE=
AllowedIPs = 0.0.0.0/0, 0::/0
EndPoint = vpn.acrodus.uk:51821
PersistentKeepalive = 10

A note to future Alex, wg-quick .conf files have different parameters to wg .conf files. Also remember the importance of the fwmark. Update from future Alex, fwmark was not required for VPN server tunnels, think about it.

Retrieved from "http://wiki.acrodus.uk/index.php?title=Bring_up_wireguard_interface_with_wg_script&oldid=130"