Yes. On kernel version 4, outer packets (i.e. encrypted packets) are sent from privileged user account credentials so they pass the iptables sandbox. On kernel 5 they inherit owner id of the user who sent unencrypted packets.
. On Sun, Aug 25, 2019 at 9:52 PM Jason A. Donenfeld <[email protected]> wrote: > > Could you clarify? Do you mean that inner and outer packets were > marked differently in Linux < 5 but are now marked as belonging to the > same UID in Linux==5? _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
