today i learned how to allow specific IP addresses to bypass wireguard tunnels
this is a set of 4 addresses that are what resolve from ctt.pt and appserver.ctt.pt and appserver2.ctt.pt - essential websites for anyone living in portugal, and irritatingly geofenced so that accessing it via my bulgarian VPS address over wireguard causes the thing to not work.
you add this to the [Interface] block of your wireguard.conf
PreUp = ip route add 3.33.211.116/32 via 192.168.1.254 dev enp7s0
PostDown = ip route del 3.33.211.116/32 via 192.168.1.254 dev enp7s0
PreUp = ip route add 15.197.240.141/32 via 192.168.1.254 dev enp7s0
PostDown = ip route del 15.197.240.141/32 via 192.168.1.254 dev enp7s0
PreUp = ip route add 52.50.235.136/32 via 192.168.1.254 dev enp7s0
PostDown = ip route del 52.50.235.136/32 via 192.168.1.254 dev enp7s0
PreUp = ip route add 54.76.6.35/32 via 192.168.1.254 dev enp7s0
PostDown = ip route del 54.76.6.35/32 via 192.168.1.254 dev enp7s0
PreUp = ip route add 62.28.56.1/32 via 192.168.1.254 dev enp7s0
PostDown = ip route del 62.28.56.1/32 via 192.168.1.254 dev enp7s0
where 192.168.1.254 is the default gateway provided by your router
the CIDR suffix of 32 means "precisely this address" as it is 32 bits which is a full 4 octets address for IPv4
#wireguard #portugal #halp #geofencing #amazon
and yes, their shit is running on AWS
#fuckbezos
mleku / mleku ✝Ⓐ☯︎
npub1fj…mleku
2024-11-12 16:18:27
Author Public Key
npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmlekuPublished at
2024-11-12 16:18:27Event JSON
{
"id": "5e2bae21229fed38dffbd6fa04160bd4eeb5a092a4664d215ff72e60a9112aef",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1731428307,
"kind": 1,
"tags": [
[
"t",
"wireguard"
],
[
"t",
"portugal"
],
[
"t",
"halp"
],
[
"t",
"geofencing"
],
[
"t",
"amazon"
],
[
"t",
"fuckbezos"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "today i learned how to allow specific IP addresses to bypass wireguard tunnels\n\nthis is a set of 4 addresses that are what resolve from ctt.pt and appserver.ctt.pt and appserver2.ctt.pt - essential websites for anyone living in portugal, and irritatingly geofenced so that accessing it via my bulgarian VPS address over wireguard causes the thing to not work.\n\nyou add this to the [Interface] block of your wireguard.conf \n\nPreUp = ip route add 3.33.211.116/32 via 192.168.1.254 dev enp7s0\nPostDown = ip route del 3.33.211.116/32 via 192.168.1.254 dev enp7s0\nPreUp = ip route add 15.197.240.141/32 via 192.168.1.254 dev enp7s0\nPostDown = ip route del 15.197.240.141/32 via 192.168.1.254 dev enp7s0\nPreUp = ip route add 52.50.235.136/32 via 192.168.1.254 dev enp7s0\nPostDown = ip route del 52.50.235.136/32 via 192.168.1.254 dev enp7s0\nPreUp = ip route add 54.76.6.35/32 via 192.168.1.254 dev enp7s0\nPostDown = ip route del 54.76.6.35/32 via 192.168.1.254 dev enp7s0\nPreUp = ip route add 62.28.56.1/32 via 192.168.1.254 dev enp7s0\nPostDown = ip route del 62.28.56.1/32 via 192.168.1.254 dev enp7s0\n\nwhere 192.168.1.254 is the default gateway provided by your router\n\nthe CIDR suffix of 32 means \"precisely this address\" as it is 32 bits which is a full 4 octets address for IPv4\n\n#wireguard #portugal #halp #geofencing #amazon\n\nand yes, their shit is running on AWS\n\n#fuckbezos",
"sig": "62ed8c297d9c87e4802af253b7c27947ec9d2c32795c268766cb23696c4bc44d993003d7868fe1a140f9ac39a2d37358e60ddb2fe28c429f0ebac6d1bebca93d"
}