On Wed, 8 Dec 2021 18:56:51 -0500 Dan Ritter <d...@randomstring.org> wrote:
> Charles Curley wrote:
> > I have a wireguard setup that lets me ping from either endpoint to
> > the other. Using the client, I would like to address hosts on the
> > home (server's) network by their local IP addresses.
> >
>
> The client's routing table looks fine after you start wg0. What
> does the home server's routing table look like?

root@hawk:/etc/wireguard# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         freeman.localdo 0.0.0.0         UG    0      0        0 enp3s0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 wg0
192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 enp3s0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.124.0   jhegaala.locald 255.255.255.0   UG    0      0        0 enp3s0
root@hawk:/etc/wireguard#

>
> Is it forwarding IPv4 packets for anything else, or is this the
> first time it's been a router?

Not the first time. It forwards packets for 192.168.122.0/24, a
virtual network of virtual machines.

>
> Does it have any firewall policies or rules?

Yes. However, dropping all firewall rules makes no discernible
difference.

I also instrumented both interfaces with "tcpdump -i wg0". I saw
plenty of DNS and ICMP traffic originating on the client, aimed at the
server's wg0 IF. But nothing for 192.168.100.0/24 showed up.

>
> -dsr-
>

--
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/