Wireguard server can only successfully be used via one WAN interface

Perhaps there is a temporary solution using a script or iptables. What could be done to make it work now?

How to do this with iptables? Can anybody help?

I searched the documentation on WireGuard routes and found this:
"
WireGuard does something quite interesting. When a WireGuard interface is created (with ip link add wg0 type wireguard), it remembers the namespace in which it was created. "I was created in namespace A." Later, WireGuard can be moved to new namespaces ("I'm moving to namespace B."), but it will still remember that it originated in namespace A.
"

I have a temporary solution, a shell script:

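#!/bin/sh
# Runs on interface events; ACTION and INTERFACE are set by the caller.

# wan went down: wait, then check whether the tunnel peer still answers.
if [ "${ACTION}" = "ifdown" ] && [ "${INTERFACE}" = "wan" ]; then
    sleep 25
    if ping -c 1 10.66.66.1 > /dev/null; then
        # Peer is reachable, nothing to do.
        exit 0
    else
        # Peer is unreachable: bounce the wan interface.
        ifdown wan
        sleep 5
        ifup wan
        exit 0
    fi
fi

# wan came up: restart the wg interface.
if [ "${ACTION}" = "ifup" ] && [ "${INTERFACE}" = "wan" ]; then
    ifdown wg
    sleep 5
    ifup wg
    exit 0
fi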

Hi,
As the WireGuard team answered, it was designed so that "outbound packets follow routing table rules to select the "best" interface to send from."

https://lists.zx2c4.com/pipermail/wireguard/2021-January/006243.html

Then how to create the iptables?

Hi all,
I tried to make a patch for the wireguard:

Tested working!!!
