> On Fri, Oct 9, 2020 at 5:04 PM Roman Mamedov <[email protected]> wrote: > Seems like you misunderstand what I mean. If you use the in-VPN (internal) IP > of your VPS, all communication with the SOCKS proxy installed on the VPS will > happen via the WireGuard tunnel. No DPI can look into that.
You're right! Some questions: 1. What should I do client-side so that wireguard only covers my VPS's IP (and does not otherwise route traffic)? Will `AllowedIPs = SERVER_IP/32` do it? 2. How do I get the in-VPN IP of the server? Is it `Address` in `[Interface]`? 3. I use ufw for the firewall on the server. Will ufw block my local machine? If not, with what IP should I set ufw rules? (My local machine doesn't have a static IP.) Of course, I could alternatively expose the socks proxy to the world with a password; How secure will that be?
