(Sorry, I just realized I replied to just your email address, replying
again to the mailing list this time.)
On 2023年08月16日 10:05, Stuart Henderson wrote:
> wireguard-tools is not required, everything you need for wg(4) is in
> the base OS.
Oh, I didn't know that.
In that case, valid point.
>
Hi,
I appreciate the valuable advices you provided about pf rules in
OpenBSD. I am currently away on a trip, but once I return, I will
thoroughly test those rules and provide you with feedback.
On Wed, Aug 16, 2023 at 3:50 PM Stuart Henderson
wrote:
>
> On 2023-08-14, SOUBHEEK NATH wrote:
> >
On 2023-08-14, SOUBHEEK NATH wrote:
> 2. Please have a look at the configuration I have implemented.
>
> pass in quick on wg0 proto tcp from 10.0.8.3/32 to any port {22 80}
> block in on wg0 proto tcp from any to any port {22 80}
> block in quick on bwfm0 proto tcp from any to any
On Mon, Aug 14, 2023 at 05:54:55PM +0530, SOUBHEEK NATH said:
2. Please have a look at the configuration I have implemented.
pass in quick on wg0 proto tcp from 10.0.8.3/32 to any port {22 80}
block in on wg0 proto tcp from any to any port {22 80}
block in quick on bwfm0 proto tcp
Hello,
The solution you both provided, worked well.
1. I do not use nano! I use the vi editor for my tasks.
2. Please have a look at the configuration I have implemented.
pass in quick on wg0 proto tcp from 10.0.8.3/32 to any port {22 80}
block in on wg0 proto tcp from any to any
On 2023年08月13日 12:17, Stuart Henderson wrote:
> >https://www.vultr.com/docs/install-wireguard-vpn-server-on-openbsd-7-0/
>
> what a mess of things from the base OS and unneeded third-party tools.
>
List of tools:
wireguard-tools (required), nano (vim would have been enough), and the
rest is
6. In that case, simply change "10.0.8.0/24" to "10.0.8.4/32".
For explanation sake, .0/24 means "everything connected to this
network", whereas ".4/32" means "only this specific machine", so does
".3/32", ".2/32", ".5/32", and so on.
7. If you've followed Vultr's post, you might consider
>Based on my understanding of the OpenBSD PF-Packet filtering document
>(https://www.openbsd.org/faq/pf/filter.html), the intention of this
>pf rule is to allow only the IP address 10.0.8.4 to access ports 22
>and 80. However, currently both machines with IP addresses 10.0.8.2
>
Hello Lain,
I appreciate your feedback and the time you took to provide it.
1. I set up OpenBSD 7.3 on a Raspberry Pi 4B with 4GB of RAM, which is
running from a USB drive.
2. This is not a production environment, it is solely for educational
purposes.
3. The router is currently using its
I failed to come up with reasons for using a preshared key, so I've let
ChatGPT generate reasons for me:
Certainly! WireGuard's use of a preshared key (PSK) adds an additional layer of
symmetric encryption to the standard asymmetric encryption. Here's a brief
explanation of the advantage:
1.
First off, unless you faked your private and public keys, please change
them as soon as possible.
You've just made yourself volunerable to cyber attacks!
If I understand you correctly, you want to be able to SSH and HTTP only
over WireGuard, right?
In that case, on your WireGuard server:
# Block
Dear OpenBSD Mailing List Community,
I hope this email finds you well. I am writing to seek your expertise
and guidance regarding a Wireguard VPN configuration and pf rules on my
OpenBSD 7.3 system. I have successfully set up a Wireguard VPN using
the provided interface configuration, and the VPN
12 matches
Mail list logo
