ZebMcKayhan
Very Senior Member
Thats theIs there anything I need to do so that the Wireguard will start up and connect as a client if the router is rebooted? will it automatically reconnect?
Code:
E:Option ==> peer wg11 auto=P
Thats theIs there anything I need to do so that the Wireguard will start up and connect as a client if the router is rebooted? will it automatically reconnect?
E:Option ==> peer wg11 auto=P
Thats the
It will make wg11 autostart at boot in policy mode. But you need to add the rule first.Code:E:Option ==> peer wg11 auto=P
Very happy this is all working so well, Mrs is very happy, thinks i'm a genius LOL ;-)Glad to hear it!
The easiest way to setup the ipset is to install x3mrouting from amtm, use option 3 (OpenVPN Event & x3mRouting Script).
Then create your ipset from the shell, ie:
And it will setup autosave/restore and dnsmasq for you, so the ipset "NETFLIX" is then ready to be plugged into wgm according to my guide.Code:x3mRouting ipset_name=NETFLIX dnsmasq=netflix.com,nflxext.com,nflximg.net,nflxso.net,nflxvideo.net
Then create your ipset from the shell, ie:
And it will setup autosave/restore and dnsmasq for you, so the ipset "NETFLIX" is then ready to be plugged into wgm according to my guide.Code:x3mRouting ipset_name=NETFLIX dnsmasq=netflix.com,nflxext.com,nflximg.net,nflxso.net,nflxvideo.net
ip rule add from 192.168.1.90/24 fwmark 0x8000/0x8000 table main prio 9900
x3mRouting ipset_name=YOUTUBE dnsmasq=youtube.com,youtu.be,googlevideo.com
Yep.I can follow most of the rest of your guide, to add the IPSET to wireguard and route out via WAN (0x8000) as the DST.
Yes, for your wan interface (eth0). But you dont need to disable it, set it to loose (2) is enough.Do I need to do disable of 'rp_filter' section? - I cannot quite tell if this would be mandatory or not for my use case?
That would work. But you could also use from all instead of your ip it would work since other ip already routed to wan. Consider for example in the future you want to add another computer then if you use "all" then this rule will work for that computer also, otherwise not.If so would my code be something like this:
Yes, to create the ipset. Then just add it in wgm. The scripts are already done so they will work for any ipsets.Additionally If I wanted to remove youtube from the tunnel I would create another IPSET like this:
There are some tools in x3mrouting, like getdomains.sh and some info on how to use them on his github:Is there anywhere to get an initial list of youtube varient domain names?
ip rule add from 192.168.1.90/24 fwmark 0x8000/0x8000 table main prio 9900
ip rule add from all fwmark 0x8000/0x8000 table main prio 9900
x3mRouting ipset_name=YOUTUBE dnsmasq=youtube.com,youtu.be,googlevideo.com,youtu.be,video.google.com,youtube-nocookie.com,gvt1.com,youtube.googleapis.com,youtubei.googleapis.com,ytimg.com,ytimg.l.google.com,youtubekids.com,yt.be
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!