ron's questions -server

ron

Asked: 2023-12-20 23:06:44 +0800 CST

Can iptables relate the physical wireguard UDP connection to the tunneled TCP session?

I'm locking down the egress of my Linux box, making OUTPUT chain default deny.

My wireguard peers are from the subnet 10.1.0.0/16. Originally I thought I can just -A OUTPUT -d 10.1.0.0/16 -j ACCEPT, and while that is needed, it is not sufficient in itself.

As confirmed by tracing, the physical UDP connection to the wireguard peer also needs allowing, which makes sense on second thought.

Now, I could go on and manually allow the wireguard port of the peer endpoints. But I wonder if there's some more automatic mechanism, that would relate the physical UDP packets to the already allowed tunnel packet, and automatically allow it?

Can iptables relate the physical wireguard UDP connection to the tunneled TCP session?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?