• xabadak
    1 year ago

    Do you know how to make it so all the host’s traffic is sent through the VPN namespace? I couldn’t figure out how to do this so I ended up just writing my own firewall. Network namespaces seem like a better solution.

    • the_third@feddit.de
      1 year ago

      I haven’t found the time to research an answer for you, sorry. The way I’d go is: create a veth of your physical uplink and stuff it into its own namespace with a DHCP client and the wg userspace tools. Do not configure the original interface in your initial namespace. Use the approach wg-netns uses to spawn the tunnel interface in the initial network ns. Done.
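
The setup suggested in the comment above, written out as an added example that is not part of the thread: `plan` prints the commands in order, and `leak_check` confirms afterwards that the initial namespace holds nothing but `lo` and the tunnel. It moves the uplink itself into the namespace, as the WireGuard namespace guide does, rather than a veth. Assumed here: the names `eth0`, `physical` and `wg0`, `dhclient` as the DHCP client, the config path, and the constructed tunnel address.

```shell
#!/bin/sh
# Added example. Every value below is an assumption; adjust to your host.
UPLINK=eth0                        # physical uplink
NS=physical                        # namespace that will own the uplink
WG=wg0                             # tunnel interface
WG_CONF=/etc/wireguard/wg0.conf    # must be in `wg setconf` format
WG_ADDR=192.0.2.2/32               # constructed address (TEST-NET-1)

# Print the setup commands in order. Review them, then run as root:
#   plan | sh -e
plan() {
    cat <<EOF
ip netns add $NS
ip link set $UPLINK down
ip link set $UPLINK netns $NS
ip -n $NS link set lo up
ip -n $NS link set $UPLINK up
ip netns exec $NS dhclient $UPLINK
ip -n $NS link add $WG type wireguard
ip -n $NS link set $WG netns 1
wg setconf $WG $WG_CONF
ip addr add $WG_ADDR dev $WG
ip link set $WG up
ip route add default dev $WG
EOF
}
# The tunnel is created inside $NS and only then moved to the initial
# namespace (netns 1): its encrypted UDP socket stays in $NS, where the
# uplink lives, while the initial namespace sees only $WG.

# Read `ip -o link show` output on stdin and print every interface other
# than lo and the tunnel. Any name printed is a path around the VPN.
# Returns non-zero if one is found. Usage:
#   ip -o link show | leak_check
leak_check() {
    awk -v wg="$WG" '{
        n = $2; sub(/:$/, "", n); sub(/@.*/, "", n)   # "veth0@if4:" -> "veth0"
        if (n != "lo" && n != wg) { print n; bad = 1 }
    } END { exit bad + 0 }'
}
```

These commands do not survive a reboot; they have to be run again by whatever brings the network up at boot.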

      • xabadak
        1 year ago

        No worries, and thanks for providing a response nonetheless. I’ll look into your suggestion when I have the time. The official WireGuard website also had some guide on network namespaces here but afaik it didn’t explain how to set it up persistently.