On Mon, Dec 17, 2018 at 9:49 AM KeXianbin(http://diyism.com) <kexian...@diyism.com> wrote: > I found the definition in manual: > AllowedIPs — a comma-separated list of IP (v4 or v6) addresses with CIDR masks > from which incoming traffic for this peer is allowed and to which > outgoing traffic for this peer is directed > > from: https://manpages.debian.org/unstable/wireguard-tools/wg.8.en.html
Yes, that is indeed what the man page says and it is the expected behavior. You've reported here, however, "Currently, the peer can set any IP, for example 10.1.0.4, and can send packets to my http://10.1.0.1:80 from 10.1.0.4," which sounds bad and like something worth taking seriously, if I'm interpreting that correctly. Would you take the time to create a reproducer similar to what I posted in my last email? Thanks, Jason _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard