/etc/wireguard/wg0.conf configuration file content
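# /etc/wireguard/wg0.conf - loaded with `wg setconf wg0 <file>`.
# This file holds the interface's private key: keep it owned by root and
# not readable by other users (for example mode 0600).

[Interface]
# Base64 private key of this host (left blank here; generate with `wg genkey`).
PrivateKey =
# UDP port WireGuard listens on. 443/udp is not HTTPS; open it in the
# firewall as UDP.
ListenPort = 443

[Peer]
# Base64 public key of the remote peer (left blank here; derive with `wg pubkey`).
PublicKey =
# Only packets sourced from this tunnel address are accepted from the peer,
# and only this address is routed to it.
AllowedIPs = 10.0.1.2/32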
Startup script
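#!/bin/sh
# Bring up the wg0 WireGuard interface, route the 10.0.1.0/24 tunnel subnet
# through it, and NAT tunnel clients out of br-lan.
# NOTE: this does not change the default route; only 10.0.1.0/24 goes via wg0.
# Assumes IPv4 forwarding is already enabled on this host - verify
# net.ipv4.ip_forward before relying on the FORWARD rules below.

# Create the interface and bring it up. MTU 1420 leaves room for WireGuard's
# encapsulation overhead on a 1500-byte link.
ip link add wg0 type wireguard
sleep 1
ip link set mtu 1420 up dev wg0
sleep 1
# No prefix length is given, so the address is added as a /32; the route for
# the rest of the tunnel subnet is added explicitly on the next step.
ip -4 address add 10.0.1.1 dev wg0
sleep 1
ip route add 10.0.1.0/24 dev wg0

# Load the private key, listen port and peers. The file contains the private
# key, so it should be readable by root only.
wg setconf wg0 /etc/wireguard/wg0.conf

sleep 1
# Firewall rules. Each rule is checked with -C first so that re-running the
# script does not stack duplicate entries; if -C is unavailable the check
# fails and the rule is inserted exactly as before.
iptables -C FORWARD -i wg0 -j ACCEPT 2>/dev/null || iptables -I FORWARD -i wg0 -j ACCEPT
iptables -C FORWARD -o wg0 -j ACCEPT 2>/dev/null || iptables -I FORWARD -o wg0 -j ACCEPT
# This lets tunnel peers reach every service on this host; narrow it to the
# required ports if peers are not fully trusted.
iptables -C INPUT -i wg0 -j ACCEPT 2>/dev/null || iptables -I INPUT -i wg0 -j ACCEPT
# Masquerade only traffic that originates from the tunnel subnet, instead of
# rewriting the source of everything that leaves through br-lan.
iptables -t nat -C POSTROUTING -s 10.0.1.0/24 -o br-lan -j MASQUERADE 2>/dev/null ||
    iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o br-lan -j MASQUERADE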