What's new

Wireguard Using wireguard to tunnel to another geolocation

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Is there anything I need to do so that the Wireguard will start up and connect as a client if the router is rebooted? will it automatically reconnect?
Thats the
Code:
E:Option ==> peer wg11 auto=P
It will make wg11 autostart at boot in policy mode. But you need to add the rule first.
 
Glad to hear it!



The easiest way to setup the ipset is to install x3mrouting from amtm, use option 3 (OpenVPN Event & x3mRouting Script).

Then create your ipset from the shell, ie:
Code:
x3mRouting ipset_name=NETFLIX dnsmasq=netflix.com,nflxext.com,nflximg.net,nflxso.net,nflxvideo.net
And it will setup autosave/restore and dnsmasq for you, so the ipset "NETFLIX" is then ready to be plugged into wgm according to my guide.
Very happy this is all working so well, Mrs is very happy, thinks i'm a genius LOL ;-)


Thanks for the tip, I installed x3mrouting from 'amtm' under option 6 and then inside x3mrouting did the option 3 for the openVPN event and x3mrouting script.

Then create your ipset from the shell, ie:
Code:
x3mRouting ipset_name=NETFLIX dnsmasq=netflix.com,nflxext.com,nflximg.net,nflxso.net,nflxvideo.net
And it will setup autosave/restore and dnsmasq for you, so the ipset "NETFLIX" is then ready to be plugged into wgm according to my guide.

Thankyou for the list of addresses to create the IPSET for netflix.

I can follow most of the rest of your guide, to add the IPSET to wireguard and route out via WAN (0x8000) as the DST.

Do I need to do disable of 'rp_filter' section? - I cannot quite tell if this would be mandatory or not for my use case?

If so would my code be something like this:
Code:
ip rule add from 192.168.1.90/24 fwmark 0x8000/0x8000 table main prio 9900

Additionally If I wanted to remove youtube from the tunnel I would create another IPSET like this:

Code:
x3mRouting ipset_name=YOUTUBE dnsmasq=youtube.com,youtu.be,googlevideo.com

Is there anywhere to get an initial list of youtube varient domain names?
 
I can follow most of the rest of your guide, to add the IPSET to wireguard and route out via WAN (0x8000) as the DST.
Yep.


Do I need to do disable of 'rp_filter' section? - I cannot quite tell if this would be mandatory or not for my use case?
Yes, for your wan interface (eth0). But you dont need to disable it, set it to loose (2) is enough.


If so would my code be something like this:
That would work. But you could also use from all instead of your ip it would work since other ip already routed to wan. Consider for example in the future you want to add another computer then if you use "all" then this rule will work for that computer also, otherwise not.


Additionally If I wanted to remove youtube from the tunnel I would create another IPSET like this:
Yes, to create the ipset. Then just add it in wgm. The scripts are already done so they will work for any ipsets.


Is there anywhere to get an initial list of youtube varient domain names?
There are some tools in x3mrouting, like getdomains.sh and some info on how to use them on his github:
https://github.com/Xentrk/x3mRouting

or usually for big sites you could usually find out by just googling.

Edit: your rule
Code:
ip rule add from 192.168.1.90/24 fwmark 0x8000/0x8000 table main prio 9900
does not make any sense. /24 is the same as netmask 255.255.255.0 so it will mean 192.168.1.x. use /32 for single ip. Or better, skip the ip and use
Code:
ip rule add from all fwmark 0x8000/0x8000 table main prio 9900
 
Last edited:
Thanks for all the tips, I've done all the steps now and it seems to be up and running still.

For anyones else reference this was the Youtube list I did:

Code:
x3mRouting ipset_name=YOUTUBE dnsmasq=youtube.com,youtu.be,googlevideo.com,youtu.be,video.google.com,youtube-nocookie.com,gvt1.com,youtube.googleapis.com,youtubei.googleapis.com,ytimg.com,ytimg.l.google.com,youtubekids.com,yt.be

There does seem to be loads of domains that could be added, but I added what I thought was main ones and also added my specific country location (not shown in above command). A good list is here and a few here.

Thanks to all and especially Zeb for helping me get this setup!
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top