Skip to content

nagornin/wg-split

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
wgs-exclude.sh
wgs-exclude.sh
 
 
wgs-route.sh
wgs-route.sh
 
 
wgs-setup.sh
wgs-setup.sh
 
 

Repository files navigation

wg-split

This is a series of scripts that allows you to:

  • Run a specific application/command through a WireGuard tunnel
  • Exclude an application from a WireGuard tunnel

Warning

The code is pretty hacky and probably has bugs, but it works on my machine. Notably, you have to set the DNS field in your WireGuard config for it to work properly. There's certainly a better way to do split tunneling on Linux.

Usage

Edit wgs-setup.sh and specify a path to your WireGuard config file. After that, you can run wgs-route.sh with your command to route it through the tunnel. Alternatively, run wgs-exclude.sh to exclude a program from the tunnel.

Do NOT run these scripts as root, they will prompt you for a password automatically.

How it works

  • wgs-setup.sh creates a new network namespace that only has the WireGuard interface in it.
  • wgs-route.sh executes a command in the network namespace that was set up by wg-setup.sh.
  • wgs-exclude.sh simply uses firejail to add all interfaces to a sandbox except the WireGuard interface. This seems to work well enough.

Example

$ ./wgs-route.sh curl ifconfig.me
<VPN IP>
$ curl ifconfig.me
<real IP>

About

WireGuard split tunneling on Linux.

Topics

wireguard split-tunneling

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages