Bring up wireguard interface with wg script

From AcrodusWiki
Revision as of 16:07, 5 August 2025 by Alex (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This is the example script and associated config file for the vpn client. This was connecting to a vpn server hosted on the home network. 

wg_acrodus_up.sh 

#!/bin/bash

ip l add dev wg0 type wireguard
wg setconf wg0 wg_acrodus.conf
ip a add 10.0.0.2/32 dev wg0
ip l set dev wg0 up
wg set wg0 fwmark 51821

ip -4 rule add not fwmark 51821 table 51821
ip -4 route add 0.0.0.0/0 dev wg0 table 51821

ip -6 rule add not fwmark 51821 table 51821
ip -6 route add ::/0 dev wg0 table 51821

wg_acrodus.conf 

[Interface]
PrivateKey = KMbtL28SVof35/RM9/aqFvbpuSH4PRpuzDGtfq9UhXQ=
ListenPort = 51821
fwMark = 51821

[Peer]
PublicKey = cNfZAhVdRi83k35yHOF9rFeOk9KT94vvSj1ALw8GSnE=
AllowedIPs = 0.0.0.0/0, 0::/0
EndPoint = vpn.acrodus.uk:51821
PersistentKeepalive = 10

A note to future Alex, wg-quick .conf files have different parameters to wg .conf files. Also remember the importance of the fwmark. Update from future Alex, fwmark was not required for VPN server tunnels, think about it.

Retrieved from "http://wiki.acrodus.uk/index.php?title=Bring_up_wireguard_interface_with_wg_script&oldid=130"