6 months ago
I don't think WireGuard per se handles this.
One way to handle this is to use 'ip rule' to mark the traffic to belong to a specific table (called a VRF), and then set up 'ip route' commands to send that traffic to your WireGuard interface.
You need to be careful with asymmetric routing. If you are using NAT outbound anyway (because you run RFC 1918 networks inside your network) then it gets easier as you apply source NAT on the correct interface.
See also: https://serverfault.com/questions/345111/iptables-target-to-route-packet-to-specific-interface
My home server has two main interfaces, eth1 (a standard internet connection) and tun0 (an OpenVPN tunnel). I'd like to use iptables to force all packets generated by a local process owned by UID ...
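The approach from the reply above (an `ip rule` pointing at a dedicated routing table, a default route in that table via the WireGuard interface, and source NAT on that interface), as an added example that is not part of the thread. The interface name, subnet, table id and priority are assumptions, traffic is selected by source subnet, and the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: policy routing for one LAN subnet via a WireGuard interface.
# Every value below is an assumption for illustration, not taken from the thread.
WG_IF="${WG_IF:-wg0}"                  # WireGuard interface (assumed name)
SRC_NET="${SRC_NET:-192.168.10.0/24}"  # RFC 1918 subnet to send via the tunnel (constructed)
TABLE="${TABLE:-51820}"                # dedicated routing table id (arbitrary)
PRIO="${PRIO:-1000}"                   # must sort before the main-table rule (32766)

# Print the commands in order; this function changes nothing on the host.
plan_policy_route() {
    # 1. Dedicated table whose only route is a default via the tunnel.
    #    Assumes the peer's AllowedIPs covers the destinations (e.g. 0.0.0.0/0).
    echo "ip route replace default dev $WG_IF table $TABLE"
    # 2. Packets sourced from SRC_NET consult that table before 'main'.
    echo "ip rule add from $SRC_NET lookup $TABLE priority $PRIO"
    # 3. Source NAT on the tunnel interface, so replies return through the tunnel.
    echo "iptables -t nat -A POSTROUTING -s $SRC_NET -o $WG_IF -j MASQUERADE"
    # 4. Asymmetric-routing caveat: strict reverse-path filtering can drop the
    #    replies arriving on the tunnel, so use loose mode on that interface.
    echo "sysctl -w net.ipv4.conf.$WG_IF.rp_filter=2"
}

# Reject obviously wrong input before anything touches the routing tables.
validate() {
    case "$SRC_NET" in
        */*) ;;
        *) echo "SRC_NET must be in CIDR notation" >&2; return 1 ;;
    esac
    [ "$PRIO" -lt 32766 ] || { echo "PRIO must precede the main-table rule" >&2; return 1; }
}

# Dry run by default; APPLY=1 executes the plan (requires root).
run() {
    validate || return 1
    if [ "${APPLY:-0}" = "1" ]; then
        plan_policy_route | while read -r cmd; do $cmd || exit 1; done
    else
        plan_policy_route
    fi
}

run
```

After applying, `ip rule show` and `ip route show table 51820` confirm the rule and the table contents.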
There will be a more detailed blog post detailing the problem coming soon (along with any solution I may find).
If you already have a blog post, could you share a link? Thank you!