Hi
Just to confirm something.. as i seen over vpn provider config the used of some watchdog script. And for openvpn, there is also a 99prevent-leak file into /etc/hotplug.d/iface/.
So 1: can we put the Wg interface name (ex: wgvpn) instead of tun0 in that and get secure like the ovpn ? Or by being different it will not do anything..?
`
#!/bin/sh
if [ "$ACTION" = ifup ] && (ip a s wgvpn up) && (iptables -C forwarding_rule -j REJECT); then
iptables -D forwarding_rule -j REJECT
fi
if [ "$ACTION" = ifdown ] && (! ip a s wgvpn up) && (! iptables -C forwarding_rule -j REJECT); then
iptables -I forwarding_rule -j REJECT
fi
`
And 2- on the watchdog as : wireguard_watchdog.sh
`
#!/bin/sh
# ping wg provider dns that can only be reached via the VPN tunnel
# if no contact, reboot!
tries=0
while [[ $tries -lt 5 ]]
do
if /bin/ping -c 1 10.160.1.1
then
echo "wg works"
exit 0
fi
echo "wg fail"
tries=$((tries+1))
done
echo "wg failed 5 times - rebooting"
reboot
`
So is it the same that was supposed to be present into the wireguard-tools package?
And i guess there a cron job to do run it with adding: /etc/crontabs/root
*/15 * * * * /root/wireguard_watchdog.sh
.. but not supposed if fully handle by the wg-tools pack .. ?
thanks