Search results
-
Z
wgclient-start with iptables nat rules after router reboot
This actually could be nice all-in-one script :) Questions: Are /etc/wg/* files anyhow documented and stable (naming, existence, its purpose, whatever...)? I am a "normal" user who usually fiddle only with official APIs to avoid future problems (unannounced change of background stuff). I might...- zjarkov
- Post #18
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Didn't try it yet but in general that could work with some adjustments. At first you can do the test more elegant way if grep -q "$NAT_RULE" $file; then and as second you should remove particular rules from /etc/wg/fw_wgc1_nat.sh in wgclient-stop, otherwise, when you stop/disable the client, the...- zjarkov
- Post #15
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Argh, copy pasted from console and missed that overflowed one :) fixed...- zjarkov
- Post #13
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Sure, anyway, I'll be thankful if you find any problem or possible vulnerability... Here you go: nat-start #!/bin/sh # cycle all running WireGuard clients for wgc in `ls /tmp/wgclient-enabled_* 2>/dev/null`; do # reload/re-run the `wgclient-start X` /jffs/scripts/wgclient-start...- zjarkov
- Post #11
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
At the end I have used nat-start, as suggested by @ZebMcKayhan, to check for running wg clients and rerun wgclient-start which has been made safe to reload/rerun - avoiding adding duplicate nat rules.- zjarkov
- Post #9
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Thank you for the options. I have a few questions to 3) Does it persist between FW upgrades? Under what condition it is (re)generated? I presume I could loose customization from time to time.- zjarkov
- Post #7
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Hi, your guess is correct at the end, just traces in syslog are not as originally expected, thx for a tip. I let log file to be polluted from nat-start and wgclient-start and (at least) in my case the nat-start is called 3 times during boot when the last call is done approx 13s after WG start...- zjarkov
- Post #6
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
Thrilled for a while, but this doesn't seems to be the case :-( @router:/tmp/home/root# grep -ni restart_firewall /tmp/syslog.log* /tmp/syslog.log:428:May 5 07:05:10 rc_service: service 1511:notify_rc restart_firewall /tmp/syslog.log:541:May 5 07:05:13 rc_service: waitting "restart_firewall"...- zjarkov
- Post #3
- Forum: Asuswrt-Merlin
-
Z
wgclient-start with iptables nat rules after router reboot
I have a wgclient-start (and its wgclient-stop counterpart) with some iptables rules to modify a nat. It works as expected when enabling/disabling wg client. However, after router (RT-AX86U with 388.2_2) reboot, all iptables rules set by the script are missing though the script has been...- zjarkov
- Thread
- iptables nat wireduard
- Replies: 19
- Forum: Asuswrt-Merlin