I have a binary program named wstunnel.

That program has no option to specify outgoing traffic. By default it will use ens3. I expect the program to use the warp interface.

I'm not sure iptables can solve this: if we make an ALLOW rule on the warp interface exclusively for wstunnel, the process/program doesn't care whether it's exclusive to it or not.

1 Answer

I think it can be solved by isolating it in docker, or udocker for a minimal version.

As another solution, luckily my binary program supports the --socket-so-mark option to mark packets. So for other readers: if your program supports packet marking, you can use this approach.

So, what I did:

  1. Set up the SO mark.

         wstunnel server ws://10.148.0.69:2052 --socket-so-mark 1234

  2. Create a table rule with ID 100 based on mark 1234.

         sudo ip rule add fwmark 1234 table 100

  3. Add a route to table ID 100, where warp is 172.16.0.2.

         sudo ip route add default dev warp table 100

I opened an issue with the binary program so that it can be explicitly set to use a specified interface for outgoing traffic: https://github.com/erebe/wstunnel/issues/285
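A check for the three steps above, as an added example that is not part of the original answer or of wstunnel: it reads `ip rule show` and `ip route show table 100` output and confirms that mark 1234 resolves to table 100 and that the table's default route leaves via warp. The function names and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ip rule show`; iproute2 prints the mark in hex (1234 = 0x4d2).
SAMPLE_RULES='0: from all lookup local
32765: from all fwmark 0x4d2 lookup 100
32766: from all lookup main
32767: from all lookup default'

# Constructed sample of `ip route show table 100`.
SAMPLE_ROUTES='default dev warp scope link'

# table_for_mark MARK RULES: print the table that the rule for MARK looks up.
table_for_mark() {
    tfm_hex=$(printf '0x%x' "$1")
    printf '%s\n' "$2" | awk -v m="$tfm_hex" '{
        for (i = 1; i < NF; i++) {
            v = $(i + 1); sub(/\/.*/, "", v)      # drop an optional /mask
            if ($i == "fwmark" && v == m)
                for (j = i; j < NF; j++)
                    if ($j == "lookup") { print $(j + 1); exit }
        }
    }'
}

# default_dev ROUTES: print the device of the default route, if there is one.
default_dev() {
    printf '%s\n' "$1" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# check_mark_route MARK DEV RULES ROUTES: succeed only if MARK is routed out via DEV.
# If the table has no default route (for example the tunnel device went away),
# lookup continues with the next rule, so marked traffic follows the main table.
check_mark_route() {
    cmr_table=$(table_for_mark "$1" "$3")
    [ -n "$cmr_table" ] || { echo "no rule for fwmark $1"; return 1; }
    cmr_dev=$(default_dev "$4")
    [ "$cmr_dev" = "$2" ] || { echo "table $cmr_table default is '${cmr_dev:-none}', not $2"; return 1; }
    echo "fwmark $1 -> table $cmr_table -> dev $2"
}

# Live use: check_mark_route 1234 warp "$(ip rule show)" "$(ip route show table 100)"
check_mark_route 1234 warp "$SAMPLE_RULES" "$SAMPLE_ROUTES"
```

On a live host, `ip route get 1.1.1.1 mark 1234` asks the kernel directly which device a marked packet would use.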
