From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: lordkitsuna112@gmail.com Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 20d9cd0f for ; Thu, 28 Sep 2017 05:17:20 +0000 (UTC) Received: from mail-wr0-f179.google.com (mail-wr0-f179.google.com [209.85.128.179]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 64347678 for ; Thu, 28 Sep 2017 05:17:20 +0000 (UTC) Received: by mail-wr0-f179.google.com with SMTP id a43so686781wrc.0 for ; Wed, 27 Sep 2017 22:45:34 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: From: Lord Kitsuna Date: Wed, 27 Sep 2017 22:45:32 -0700 Message-ID: Subject: Re: Bridge interfaces? To: "Jason A. Donenfeld" Content-Type: multipart/alternative; boundary="94eb2c14a378af0f88055a396a84" Cc: WireGuard mailing list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , --94eb2c14a378af0f88055a396a84 Content-Type: text/plain; charset="UTF-8" Oh hey missed this reply, thanks! That was what i needed working beautifully. On Sep 23, 2017 3:44 PM, "Jason A. Donenfeld" wrote: > Hi, > > Yes indeed this is possible. Enable ip forwarding (sysctl -w > net.ipv4.ip_forwarding=1), and then make sure you have the correct > routes set. You may have to add a few entries to your allowed-ips to > ensure that the network is okay with wireguard, or, perhaps easier, > would to just enable MASQUERADEing (iptables -t nat -A POSTROUTING -s > 10.8.8.0/24 -o tinc0 -j MASQUERADE, where 10.8.8.0/24 is the wireguard > network.) > > There are a lot of ways to skin the cat, and I suspect if you write > back with details of network segments and whatnot, there might be > others who might have their own useful opinions. Alternatively, you > can always ask in #wireguard on Freenode. > > Jason > --94eb2c14a378af0f88055a396a84 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Oh hey missed this reply, thanks! That was what i needed = working beautifully.=C2=A0

On Sep 23, 2017 3:44 PM, "Jason A. Donenfeld" &l= t;Jason@zx2c4.com> wrote:
Hi,

Yes indeed this is possible. Enable ip forwarding (sysctl -w
net.ipv4.ip_forwarding=3D1), and then make sure you have the correct
routes set. You may have to add a few entries to your allowed-ips to
ensure that the network is okay with wireguard, or, perhaps easier,
would to just enable MASQUERADEing (iptables -t nat -A POSTROUTING -s
10.8.8.= 0/24 -o tinc0 -j MASQUERADE, where 10.8.8.0/24 is the wireguard
network.)

There are a lot of ways to skin the cat, and I suspect if you write
back with details of network segments and whatnot, there might be
others who might have their own useful opinions. Alternatively, you
can always ask in #wireguard on Freenode.

Jason
--94eb2c14a378af0f88055a396a84--