I am reading up on Wireguard, preparatory to installing it to my OpenWrt router, and keep running into these lines (they are supposed to give you access to the peer's LAN):
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
From reading about iptables
I know that the -i
option specifies the interface you want.
From a random Web page, I got the idea that %i
refers to the Wireguard interface.
The question is: Why does %i
refer to the Wireguard interface? Is this part of Wireguard grammar, or that of iptables
, or the shell itself?
I have no formal training in computers, but generally try to understand something of what I follow off Web pages. If I want to be the kind of person that knows why %i
means what it means, where should I begin? Study what first? (I'm sure this is a ridiculous question. Apologies.)