diff options
| author | Christian Cleberg <hello@cleberg.net> | 2024-04-29 14:18:55 -0500 |
|---|---|---|
| committer | Christian Cleberg <hello@cleberg.net> | 2024-04-29 14:18:55 -0500 |
| commit | fdd80eadcc2f147d0198d94b7b908764778184a2 (patch) | |
| tree | fbec9522ea9aa13e8105efc413d2498c3c5b4cd6 /content/blog/2023-07-12-wireguard-lan.md | |
| parent | d6c80fdc1dea9ff242a4d3c7d3939d2727a8da56 (diff) | |
| download | cleberg.net-fdd80eadcc2f147d0198d94b7b908764778184a2.tar.gz cleberg.net-fdd80eadcc2f147d0198d94b7b908764778184a2.tar.bz2 cleberg.net-fdd80eadcc2f147d0198d94b7b908764778184a2.zip | |
format line wrapping and fix escaped characters
Diffstat (limited to 'content/blog/2023-07-12-wireguard-lan.md')
| -rw-r--r-- | content/blog/2023-07-12-wireguard-lan.md | 62 |
1 files changed, 29 insertions, 33 deletions
diff --git a/content/blog/2023-07-12-wireguard-lan.md b/content/blog/2023-07-12-wireguard-lan.md index 0c2cebc..b12c65e 100644 --- a/content/blog/2023-07-12-wireguard-lan.md +++ b/content/blog/2023-07-12-wireguard-lan.md @@ -7,13 +7,13 @@ draft = false # Download Configuration Files from Mullvad -To begin, you\'ll need [Wireguard configuration files from -Mullvad](https://mullvad.net/account/wireguard-config). You can choose -any of the options as you download them. For example, I enabled the kill -switch, selected all countries, and selected a few content filters. +To begin, you'll need [Wireguard configuration files from +Mullvad](https://mullvad.net/account/wireguard-config). You can choose any of +the options as you download them. For example, I enabled the kill switch, +selected all countries, and selected a few content filters. -Once downloaded, unzip the files and move them to the Wireguard folder -on your system. +Once downloaded, unzip the files and move them to the Wireguard folder on your +system. ```sh cd ~/Downloads @@ -40,41 +40,38 @@ AllowedIPs = <redacted> Endpoint = <redacted> ``` -> Note: If you didn\'t select the kill switch option, you won\'t see the -> `PostUp` and `PreDown` lines. In this case, -> you\'ll need to modify the script below to simply append those lines -> to the `[Interface]` block. +> Note: If you didn't select the kill switch option, you won't see the +> `PostUp` and `PreDown` lines. In this case, you'll need to modify the script +> below to simply append those lines to the `[Interface]` block. # Editing the Configuration Files -Once you have the files, you\'ll need to edit them and replace the -`PostUp` and `PreDown` lines to enable LAN access. +Once you have the files, you'll need to edit them and replace the `PostUp` and +`PreDown` lines to enable LAN access. -I recommend that you do this process as root, since you\'ll need to be -able to access files in `/etc/wireguard`, which are generally -owned by root. You can also try using `sudo` or -`doas`, but I didn\'t test that scenario so you may need to -adjust, as necessary. +I recommend that you do this process as root, since you'll need to be able to +access files in `/etc/wireguard`, which are generally owned by root. You can +also try using `sudo` or `doas`, but I didn't test that scenario so you may +need to adjust, as necessary. ```sh su ``` -Create the Python file that we\'ll be using to update the Wireguard +Create the Python file that we'll be using to update the Wireguard configuration files. ```sh nano replace.py ``` -Within the Python file, copy and paste the logic below. This script will -open a directory, loop through every configuration file within the -directory, and replace the `PostUp` and `PreDown` -lines with the new LAN-enabled iptables commands. +Within the Python file, copy and paste the logic below. This script will open a +directory, loop through every configuration file within the directory, and +replace the `PostUp` and `PreDown` lines with the new LAN-enabled iptables +commands. -> Note: If your LAN is on a subnet other than -> `192.168.1.0/24`, you\'ll need to update the Python script -> below appropriately. +> Note: If your LAN is on a subnet other than `192.168.1.0/24`, you'll need to +> update the Python script below appropriately. ``` python import os @@ -97,15 +94,15 @@ for file in os.listdir(dir): print("--- done ---") ``` -Once you\'re done, save and close the file. You can now run the Python -script and watch as each file is updated. +Once you're done, save and close the file. You can now run the Python script +and watch as each file is updated. ```sh python3 replace.py ``` -To confirm it worked, you can `cat` one of the configuration -files to inspect the new logic and connect to one to test it out. +To confirm it worked, you can `cat` one of the configuration files to inspect +the new logic and connect to one to test it out. ```sh cat /etc/wireguard/us-chi-wg-001.conf @@ -128,16 +125,15 @@ AllowedIPs = <redacted> Endpoint = <redacted> ``` -If you connect to a Wireguard interface, such as -`us-chi-wg-001`, you can test your SSH functionality and see -that it works even while on the VPN. +If you connect to a Wireguard interface, such as `us-chi-wg-001`, you can test +your SSH functionality and see that it works even while on the VPN. ```sh wg-quick up us-chi-wg-001 ssh user@lan-host ``` -To confirm your VPN connection, you can curl Mullvad\'s connection API: +To confirm your VPN connection, you can curl Mullvad's connection API: ```sh curl https://am.i.mullvad.net/connected |