roles/wgtor/templates/wgtor0.conf.j2


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

[Interface]
PrivateKey = {{ wireguard_private_key }}
Address = 10.0.2.1/24
ListenPort = 51822

# See for source of iptables rules.
# https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy

PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
PostUp = iptables -t nat -A PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
PostUp = iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040

PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
PostDown = iptables -t nat -D PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
PostDown = iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040

# earth
[Peer]
PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU=
AllowedIPs = 10.0.2.2/32