I have a binary program named wstunnel.

That program has no option to specify outgoing traffic. By default it will use ens3. I expect the program to use the warp interface.

I'm not sure iptables can solve this; if we make an ALLOW rule on the warp interface exclusively for wstunnel, the process/program doesn't care whether it's exclusive to it or not.

1 Answer

I think it can be solved by isolating it in Docker, or udocker for a minimal version.

As another solution, luckily my binary program supports the --socket-so-mark option to mark packets. So, for other readers: if your program supports packet marking, you can use this approach.

So, what I did:

  1. Set up the SO mark.

         wstunnel server ws://10.148.0.69:2052 --socket-so-mark 1234

  2. Create a rule for table ID 100 based on mark 1234.

         sudo ip rule add fwmark 1234 table 100

  3. Add a route to table ID 100, where warp is 172.16.0.2.

         sudo ip route add default dev warp table 100

I opened an issue with the binary program so that it can be explicitly told to use a specified interface for outgoing traffic: https://github.com/erebe/wstunnel/issues/285
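
A way to confirm the three steps above took effect, as an added example that is not part of the original answer or of wstunnel. The function names and the sample `ip` output are constructed for illustration; note that `ip rule show` prints the mark in hexadecimal, so 1234 appears as 0x4d2.

```sh
# Values taken from the answer above.
MARK=1234    # passed to --socket-so-mark
TABLE=100    # routing table ID
DEV=warp     # expected egress interface

# rule_table_for_mark MARK RULES_TEXT
# Prints the table looked up by the first rule matching the mark.
# Only the value part of "fwmark VALUE/MASK" is compared (assumption: no mask in use).
rule_table_for_mark() {
    hex=$(printf '0x%x' "$1")
    printf '%s\n' "$2" | awk -v hex="$hex" '
    {
        hit = 0
        for (i = 1; i < NF; i++)
            if ($i == "fwmark") { split($(i + 1), m, "/"); if (m[1] == hex) hit = 1 }
        if (!hit) next
        for (i = 1; i < NF; i++)
            if ($i == "lookup") { print $(i + 1); exit }
    }'
}

# table_default_dev ROUTES_TEXT
# Prints the device of the default route in `ip route show table N` output.
table_default_dev() {
    printf '%s\n' "$1" | awk '
    $1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# check_setup RULES_TEXT ROUTES_TEXT
# Returns 0 only when marked packets are sent to $TABLE and that table exits via $DEV.
check_setup() {
    [ "$(rule_table_for_mark "$MARK" "$1")" = "$TABLE" ] ||
        { echo "no fwmark $MARK rule pointing at table $TABLE"; return 1; }
    [ "$(table_default_dev "$2")" = "$DEV" ] ||
        { echo "table $TABLE has no default route via $DEV"; return 1; }
    echo "mark $MARK -> table $TABLE -> dev $DEV"
}

# Constructed sample output, shaped like `ip rule show` and `ip route show table 100`.
SAMPLE_RULES='0: from all lookup local
32765: from all fwmark 0x4d2 lookup 100
32766: from all lookup main'
SAMPLE_ROUTES='default dev warp scope link'

check_setup "$SAMPLE_RULES" "$SAMPLE_ROUTES"
```

On a live host, feed it the real output: `check_setup "$(ip rule show)" "$(ip route show table 100)"`.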
