WireGuard automated install with Vagrant and Ansible provisioning

Dependencies:

System:

# apt install python3 python3-pip python3-venv

Python:

python3 -m venv .venv
source ./.venv/bin/activate
pip install -r requirements.txt

Ansible:

ansible-galaxy install -r requirements.yml

Start

./virsh_network/start.sh
cd vg && vagrant up --provider=libvirt --no-parallel

Destroy the environment

vagrant destroy
./virsh_network/destroy.sh

Report

zathura report/report.pdf

Wireshark captures

wireshark pcap/eth1_traffic.pcap # public interface (encrypted traffic)
wireshark pcap/wg0_traffic.pcap # wireguard interface (decrypted traffic)
wireshark pcap/keep_alive.pcap # public interface (encrypted traffic, keepalive packets)
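
What the public-interface captures contain can be read from the UDP payload alone. The following added example (not part of this repository) labels WireGuard messages by type and length, including keepalives; the message sizes come from the WireGuard protocol, and the sample payloads are constructed, zero-filled stand-ins rather than bytes from the pcap files.

```python
import struct
from collections import Counter

# Message sizes fixed by the WireGuard protocol, in bytes of UDP payload.
FIXED = {1: ("handshake_initiation", 148),
         2: ("handshake_response", 92),
         3: ("cookie_reply", 64)}
TRANSPORT = 4          # 16-byte header + ciphertext + 16-byte auth tag
TRANSPORT_MIN = 32     # header + tag with an empty inner packet = keepalive


def classify(payload: bytes) -> str:
    """Label one UDP payload captured on the public interface."""
    if len(payload) < 4:
        return "not_wireguard"
    # 1-byte type followed by 3 reserved zero bytes, so a little-endian
    # u32 read must equal the type exactly.
    (msg_type,) = struct.unpack_from("<I", payload)
    if msg_type in FIXED:
        name, size = FIXED[msg_type]
        return name if len(payload) == size else "malformed"
    if msg_type == TRANSPORT:
        if len(payload) < TRANSPORT_MIN:
            return "malformed"
        return "keepalive" if len(payload) == TRANSPORT_MIN else "transport_data"
    return "not_wireguard"


def summarize(payloads) -> Counter:
    """Count message kinds across a sequence of UDP payloads."""
    return Counter(classify(p) for p in payloads)


# Constructed sample payloads (zero-filled bodies, not real captures).
SAMPLES = [
    struct.pack("<I", 1) + bytes(144),                    # initiation
    struct.pack("<I", 2) + bytes(88),                     # response
    struct.pack("<IIQ", 4, 0x11223344, 0) + bytes(16),    # keepalive
    struct.pack("<IIQ", 4, 0x11223344, 1) + bytes(112),   # 96-byte inner packet
    struct.pack("<I", 1) + bytes(10),                     # truncated initiation
    b"\x12\x34\x01\x00" + bytes(20),                      # unrelated UDP
]

if __name__ == "__main__":
    for kind, count in sorted(summarize(SAMPLES).items()):
        print(f"{kind}: {count}")
```

To run it against a capture, pass `classify` the UDP payload of each packet as extracted by a pcap reader of your choice.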

Good resource about wireguard

Enable IP forwarding on the peer through which other devices on the network will reach the WireGuard peer

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1

Enable logging for debugging

modprobe wireguard
echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control
dmesg -wH

Run in docker

version: '3'

services:
  wireguard:
    image: linuxserver/wireguard
    ports:
      - 51820:51820/udp
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    volumes:
      - /lib/modules:/lib/modules
      - ./wg0.conf:/config/wg0.conf:ro