Skip to content

Instantly share code, notes, and snippets.

@Nithanim
Nithanim / README.md
Created November 28, 2020 15:33
Allow binding a specific program to wireguard for full internet access

This config allows the usage of a dedicated interface from wireguard (or openvpn or whatever) to be used by programs without tunneling all internet traffic to it (default gateway). The program must be able to bind to a specific network interface (the one from wireguard or openvpn). Since only one default route can exist, we use the fact that with iproute2 it is possible to have muliple routing tables where one default route for each table is allowed. The findigns are based on the article here: https://www.thomas-krenn.com/de/wiki/Zwei_Default_Gateways_in_einem_System

Pre-defined (rather "named") tables can be found in /etc/iproute2/rt_tables. This file holds a mapping between the id and the name (separated by whitespace). In commands these names can be used instead of the id but this is not required but might be easier to remember what table is used for what connection. Pretty much any free id can be used. If you look closely when using the wireguard default routing, you can see table 51821 in the output