Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More granular allow WireGuard LAN #600

Open
jwijenbergh opened this issue Jul 18, 2024 · 0 comments
Open

More granular allow WireGuard LAN #600

jwijenbergh opened this issue Jul 18, 2024 · 0 comments

Comments

@jwijenbergh
Copy link
Collaborator

jwijenbergh commented Jul 18, 2024
edited
Loading

The problem is that WireGuard LAN by default is blocked. This is great for security but makes it a bit difficult for usability. It would be cool to e.g.

  • maybe let the user still allow certain ranges, e.g. for docker: 172.17. 0.0/16
  • Allow RFC1918 routes by default. Currently the LAN toggle is whether or not to add the "suppress prefixlength 0" rule. See https://ro-che.info/articles/2021-02-27-linux-routing for a good recap of what this does
  • allow LAN on a network basis, e.g. by SSID or WIFI settings (e.g. allow wireguard LAN on enterprise networks)
  • allow certain applications to go outside of the VPN (difficult to do securely)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jwijenbergh