I’m trying to route all traffic from a network through a WireGuard interface on the host. The default interface for the host is the Ethernet connection, but if I run
curl --interface wg0 ipv4.icanhazip.com
I get the IP address of the WireGuard peer I’m connected to. All good so far. Now I’m trying to get a network to use wg0. I’m not looking to install a WireGuard client on the guests. I’ve tried the following things:
lxc config device add testinstance eth2 nic nictype=routed parent=wg0
Error: Failed to start device "eth2": Error setting up reverse path filter: Failed adding reverse path filter rules for instance device "zurich_test.eth2" (inet): Failed apply nftables config: Failed to run: nft -f -: exit status 1 (/dev/stdin:5:21-39: Error: Could not process rule: No such file or directory iif "veth0be88872" fib saddr . iif oif missing drop ^^^^^^^^^^^^^^^^^^^)
This returns an error and honestly, I’m not familiar enough with the matter to know if this is even the right command.
I’ve also tried setting the NAT address of the network to the IP address of the interface, no luck.
I’m a bit at loose ends now as to what to try next; any suggestions would be greatly appreciated!