From 45e81978c8061b05ca4fae56fdc4bdbc843ed971 Mon Sep 17 00:00:00 2001
From: keteflips <keteflips@gmail.com>
Date: Fri, 10 Oct 2025 19:13:54 +0200
Subject: [PATCH] wireguard

---
 wireguard.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 wireguard.md

diff --git a/wireguard.md b/wireguard.md
new file mode 100644
index 0000000..4ba0193
--- /dev/null
+++ b/wireguard.md
@@ -0,0 +1,14 @@
+set interfaces wireguard wg0 private-key /config/auth/privatekey
+set interfaces wireguard wg0 address 10.200.254.1/24
+set interfaces wireguard wg0 route-allowed-ips true
+set interfaces wireguard wg0 listen-port 51820
+set firewall name WAN_LOCAL rule 20 action accept
+set firewall name WAN_LOCAL rule 20 protocol udp
+set firewall name WAN_LOCAL rule 20 description 'WireGuard'
+set firewall name WAN_LOCAL rule 20 destination port 51820
+set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
+set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
+set service nat rule 5010 description 'WireGuard NAT'
+set service nat rule 5010 outbound-interface eth0
+set service nat rule 5010 type masquerade
+set service nat rule 5010 source address 10.200.254.0/24
\ No newline at end of file