Hmm ok... the /1 means you only include half the internet (0.0.0.0 - 127.255.255.255).
Are you using the VPS to connect to router wg server and relay clients?
Here is how I did it https://github.com/ZebMcKayhan/WireguardManager?tab=readme-ov-file#setup-private-server-via-cloud-server
(You need...
I have had issues in my setup and the problem was that the router gives an ipv4/ipv6 to the client, so the client thinks it has both. In my case ipv6 was not working which caused issues. In your case ipv6 may work but through wan and not vpn, so from a different city/country. This is what I...
There is no such option in the GUI.
I believe this is possible using the VPNMON addon, have a look:
https://www.snbforums.com/threads/vpnmon-r3-v1-8-3-jan-17-2026-monitor-openvpn-wireguard-wan-dual-wan-health-random-reset-multiple-connections-available-in-amtm.95416/post-965374
That is one of the reasons I like ntfy.sh. You don't even need to register at all, not even give them your email address. Just open the app and subscribe to a channel of your own name and it just works.
All public services have a tendency to die out after some time which drives me crazy. This is...
Thanks! I did not know this.
Perhaps I'm missing something but as far as I can see, Pushover costs ~5 USD per platform as a one-time cost. The cost is reasonable I would say as your information is kept private, it's definitely a solid option. I've downloaded and started my trial to test it out...
Recently my alarm manufacturer cancelled their free push notification service and redirected to a cloud service which I cannot even set up as an end user - frustrating!
It got me thinking about doing this myself, I mean, how hard could it be, right?
One part of the problem is how to get push...
You don't need to set up packet marks for this, that just complicates things.
This is a good start:
https://www.snbforums.com/threads/guide-wireguard-portforwarding.89737/post-903628
This is not really my area, so I probably can't help you.
DoT is something I would expect to be used externally, like directly out to a public dns server or between something like stubby on the router which requests DoT externally or if dnsmasq can do this nowadays possibly. I wouldn't expect DoT...
The problem with using firewall-start is that the firewall is not restarted when wgs1 starts, so your rules may be superseded when wgs1 starts.
The firmware is already prepared to do all this in the wgserver-start hook script, but you need to amend the /etc/wg/fw_wgs1.sh file which is executed...
I don't do that. There is always a risk with whatever you do and this means different things to different people.
Not sure I understand what you mean.
With the firewall rule removed, there is basically the same access from WG server to the router that there is from WAN to the router. Run a...
Sure, but there is really no need. The firewall is built up upon dropping everything last, then on top of it allow whatever should be allowed. Now we removed the firewall rule that would allow wgs1 to access the router so this means it will be dropped by the firewall.
Any specific reason you...
Depends, and up to you. I didn't know you had IPv6 enabled. So, right now the firewall allows IPv6 from Wireguard Server to the router but not IPv4. If you are not using IPv6 over your VPS then it shouldn't matter.
But just for the sake of:
/jffs/scripts/wgserver-start
#!/bin/sh
#remove firewall...
No, that would not be reliable as the firewall rebuilds itself every now and then and not when wg-server is started.
We would need to do this in wgserver-start
First you need to turn on userscripts in the gui (Administration -> system)
Then edit the file executed when wg server starts
nano...