From d1d70ee9089bf35ccff36d12cb2a90965ec33d9d Mon Sep 17 00:00:00 2001 From: sheikhmishar Date: Thu, 20 Feb 2025 11:38:55 +0600 Subject: [PATCH] added multiple allowed IPs support via wg0.json --- README.md | 2 +- src/lib/WireGuard.js | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 3c100cc4..1a671fe0 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,7 @@ The Web UI will now be available on `http://0.0.0.0:51821`. The Prometheus metrics will now be available on `http://0.0.0.0:51821/metrics`. Grafana dashboard [21733](https://grafana.com/grafana/dashboards/21733-wireguard/) -> 💡 Your configuration files will be saved in `~/.wg-easy` +> 💡 Your configuration files will be saved in `~/.wg-easy`. You can modify `wg0.json` file for per client configuration. `extraAllowedIPs` and `serverPeerAllowedIPs` can be used for multi-network/gateway support WireGuard Easy can be launched with Docker Compose as well - just download [`docker-compose.yml`](docker-compose.yml), make necessary adjustments and diff --git a/src/lib/WireGuard.js b/src/lib/WireGuard.js index 8ce325f7..e659a705 100644 --- a/src/lib/WireGuard.js +++ b/src/lib/WireGuard.js @@ -79,10 +79,6 @@ module.exports = class WireGuard { throw err; }); - // await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ' + WG_DEVICE + ' -j MASQUERADE`); - // await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT'); - // await Util.exec('iptables -A FORWARD -i wg0 -j ACCEPT'); - // await Util.exec('iptables -A FORWARD -o wg0 -j ACCEPT'); await this.__syncConfig(); } @@ -120,7 +116,9 @@ PostDown = ${WG_POST_DOWN} [Peer] PublicKey = ${client.publicKey} ${client.preSharedKey ? `PresharedKey = ${client.preSharedKey}\n` : '' -}AllowedIPs = ${client.address}/32`; +}AllowedIPs = ${client.address}/32${ + client.serverPeerAllowedIPs ? "," + client.serverPeerAllowedIPs : "" +}`; } debug('Config saving...'); 
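Review bot: In the `@@ -120,7 +116,9 @@` hunk, `client.serverPeerAllowedIPs` is written verbatim into the `[Peer]` block of the server config, so whatever string sits in `wg0.json` lands in `wg0.conf` unchecked; the `@@ -222,7 +222,9 @@` hunk does the same with `client.extraAllowedIPs` in the client's config. A value containing a line break would add extra lines to the generated file, and a range that is very broad or overlaps another client's `/32` changes which peer the server routes that traffic to and accepts it from. I would validate each comma-separated entry as an address with a prefix length before interpolating, and at minimum reject line breaks, e.g. `if (/[\r\n]/.test(client.serverPeerAllowedIPs)) throw new Error('invalid serverPeerAllowedIPs');`. The new lines also use double quotes and `+` concatenation where the surrounding code uses single quotes and template literals. The enclosing method begins and ends outside the hunk.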
@@ -153,6 +151,8 @@ ${client.preSharedKey ? `PresharedKey = ${client.preSharedKey}\n` : '' ? new Date(client.expiredAt) : null, allowedIPs: client.allowedIPs, + extraAllowedIPs: client.extraAllowedIPs || '', + serverPeerAllowedIPs: client.serverPeerAllowedIPs || '', oneTimeLink: client.oneTimeLink ?? null, oneTimeLinkExpiresAt: client.oneTimeLinkExpiresAt ?? null, downloadableConfig: 'privateKey' in client, @@ -222,7 +222,9 @@ ${WG_MTU ? `MTU = ${WG_MTU}\n` : ''}\ [Peer] PublicKey = ${config.server.publicKey} ${client.preSharedKey ? `PresharedKey = ${client.preSharedKey}\n` : '' -}AllowedIPs = ${WG_ALLOWED_IPS} +}AllowedIPs = ${WG_ALLOWED_IPS}${ + client.extraAllowedIPs ? (',' + client.extraAllowedIPs) : '' +} PersistentKeepalive = ${WG_PERSISTENT_KEEPALIVE} Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`; } @@ -273,6 +275,8 @@ Endpoint = ${WG_HOST}:${WG_CONFIG_PORT}`; privateKey, publicKey, preSharedKey, + extraAllowedIPs: '', + serverPeerAllowedIPs: '', createdAt: new Date(), updatedAt: new Date(),
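Review bot: The two fields added to the new-client object in the `@@ -273,6 +275,8 @@` hunk have no comment saying what they hold or which generated config each one feeds, and their names are easy to confuse with the existing `allowedIPs` visible in the `@@ -153,6 +151,8 @@` hunk. I would add above them `// extraAllowedIPs: comma-separated CIDRs appended to AllowedIPs in this client's own config` and `// serverPeerAllowedIPs: comma-separated CIDRs appended to this peer's AllowedIPs in wg0.conf`. As far as this diff shows, they can only be given a value by editing `wg0.json` by hand, which is worth stating in the comment as well. The object literal starts and ends outside the hunk.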