Guest User

client.conf

a guest
Aug 16th, 2016
49
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. $ cat /etc/systemd/system/netns.service
  2.  
  3. [Unit]
  4. Description=Network Namespace Service
  5.  
  6. [Service]
  7. Type=oneshot
  8. RemainAfterExit=yes
  9. ExecStart=/bin/ip netns add physical
  10. ExecStart=/bin/ip link set enp3s0 down
  11. ExecStart=/bin/ip link set wlp2s0b1 down
  12. ExecStart=/bin/ip link set enp3s0 netns physical
  13. ExecStart=/bin/iw phy phy0 set netns name physical
  14. ExecStart=/bin/ip -n physical link add wg0 type wireguard
  15. ExecStart=/bin/ip -n physical systemctl start systemd-networkd.service
  16. ExecStart=/bin/wg setconf wg0 /etc/wireguard/client.conf
  17. ExecStart=/bin/ip address add fc00:20/7 dev wg0
  18. ExecStart=/bin/ip link set wg0 up
  19. ExecStart=/bin/ip -6 route add default dev wg0
  20. ExecStop=/bin/ip -n physical link set enp3s0 down
  21. ExecStop=/bin/ip -n physical link set wlp2s0b1 down
  22. ExecStop=/bin/ip -n physical link set enp3s0 netns 1
  23. ExecStop=/bin/ip netns exec physical iw phy phy0 set netns 1
  24. ExecStop=/bin/ip netns exec physical systemctl stop systemd-networkd.service
  25. ExecStop=/bin/ip link del wg0
  26. ExecStop=/bin/ip netns del physical
  27.  
  28. [Install]
  29. WantedBy=multi-user.target
  30.  
  31.  
  32.  
  33. $ cat /etc/systemd/network/ethernet-dhcp.network
  34.  
  35. [Match]
  36. Name=enp3s0
  37.  
  38. [Network]
  39. DHCP=ipv6
  40.  
  41.  
  42.  
  43. $ cat /etc/wireguard/client.conf
  44.  
  45. [Interface]
  46. PrivateKey = OAT5r6E1hid***iVBnY=
  47. ListenPort = 52345
  48.  
  49. [Peer]
  50. PublicKey = aMC3f6kw***UDQVwo=
  51. EndPoint = [2a01:4f8:***:***::5]:40111
  52. AllowedIPs = fc00::10/7
  53.  
  54.  
  55.  
  56. $ wg
  57.  
  58. interface: wg0
  59. public key: vWjIpwbIZD***4gR2zQE=
  60. private key: (hidden)
  61. listening port: 52345
  62.  
  63. peer: aMC3f6kw***UDQVwo=
  64. endpoint: [2a01:4f8:***:***::5]:40111
  65. allowed ips: fc00::10/7
  66. latest handshake: 14 seconds ago
  67. bandwidth: 42.15 KiB received, 51.31 KiB sent
  68.  
  69.  
  70.  
  71. $ ip a
  72.  
  73. 1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN group default qlen 1
  74. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  75. inet 127.0.0.1/8 scope host lo
  76. valid_lft forever preferred_lft forever
  77. 4: wg0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1423 qdisc noqueue state UNKNOWN group default qlen 1
  78. link/none
  79. inet6 fc00::20/7 scope global
  80. valid_lft forever preferred_lft forever
  81. inet6 fe80::52**:****:**5a:c6bd/64 scope link flags 800
  82. valid_lft forever preferred_lft forever
  83.  
  84.  
  85.  
  86. $ ip -6 route
  87.  
  88. fc00::/7 dev wg0 proto kernel metric 256 pref medium
  89. fe80::/64 dev wg0 proto kernel metric 256 pref medium
  90. default dev wg0 metric 1024 pref medium
  91.  
  92.  
  93.  
  94. $ ip netns exec physical ip a
  95.  
  96. 1: lo: <LOOPBACK> mtu 65536 qdisc noqueue state DOWN group default qlen 1
  97. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  98. 2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc state UP group default qlen 1000
  99. link/ether f0:de:f1:b1:54:58 brd ff:ff:ff:ff:ff:ff
  100. inet6 2a02:2698:****:***:****:****:feb1:5458/64 scope global mngtmpaddr dynamic
  101. valid_lft 595sec preferred_lft 595sec
  102. inet6 fe80::f2**:****:**b1:5458/64 scope link
  103. valid_lft forever preferred_lft forever
  104. 3: wlp2s0b1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
  105. link/ether 64:27:37:01:4d:10 brd ff:ff:ff:ff:ff:ff
RAW Paste Data