{"id":1813,"date":"2023-01-24T08:50:04","date_gmt":"2023-01-24T03:20:04","guid":{"rendered":"https:\/\/trysiteprice.com\/blog\/?p=1813"},"modified":"2023-01-24T08:50:04","modified_gmt":"2023-01-24T03:20:04","slug":"how-to-set-up-wireguard-firewall-rules-in-linux","status":"publish","type":"post","link":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/","title":{"rendered":"How To Set Up WireGuard Firewall Rules in Linux"},"content":{"rendered":"<p>WireGuard is a modern, secure VPN protocol that can be used to set up a virtual private network (VPN) on Linux. To set up firewall rules for WireGuard, you can use the iptables command. Here&#8217;s an example of how you can set up firewall rules for a WireGuard VPN on Linux:<\/p>\n<ol>\n<li>First, you will need to create a new chain for WireGuard in the iptables firewall by running the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs\">sudo iptables -N wireguard<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"2\">\n<li>Next, you will need to allow all traffic to and from the WireGuard interface by running the following commands:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -<span class=\"hljs-selector-tag\">i<\/span> wg0 -j ACCEPT<br \/>\nsudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -o wg0 -j ACCEPT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"3\">\n<li>To block all incoming traffic to the WireGuard interface, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> <span class=\"hljs-selector-tag\">INPUT<\/span> -<span class=\"hljs-selector-tag\">i<\/span> wg0 -j REJECT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"4\">\n<li>To block all outgoing traffic from the WireGuard interface, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> OUTPUT -o wg0 -j REJECT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"5\">\n<li>To allow incoming traffic from a specific IP address to the WireGuard interface, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -<span class=\"hljs-selector-tag\">i<\/span> wg0 -s &lt;IP_ADDRESS&gt; -j ACCEPT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"6\">\n<li>To allow outgoing traffic to a specific IP address from the WireGuard interface, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -o wg0 -d &lt;IP_ADDRESS&gt; -j ACCEPT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"7\">\n<li>To allow incoming traffic to the WireGuard interface on a specific port, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -<span class=\"hljs-selector-tag\">i<\/span> wg0 -<span class=\"hljs-selector-tag\">p<\/span> &lt;PROTOCOL&gt; <span class=\"hljs-attr\">--dport<\/span> &lt;PORT&gt; -j ACCEPT<br \/>\n<\/code><\/div>\n<\/div>\n<ol start=\"8\">\n<li>To allow outgoing traffic from the WireGuard interface on a specific port, you can use the following command:<\/li>\n<\/ol>\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre-wrap hljs language-css\">sudo iptables -<span class=\"hljs-selector-tag\">A<\/span> wireguard -o wg0 -<span class=\"hljs-selector-tag\">p<\/span> &lt;PROTOCOL&gt; <span class=\"hljs-attr\">--sport<\/span> &lt;PORT&gt; -j ACCEPT<br \/>\n<\/code><\/div>\n<\/div>\n<p>It&#8217;s important to note that, these are just example commands. You will need to adjust them to fit your specific use case and the desired level of security. Additionally, you will need to test the changes before deploying them in a production environment. And also, you can use the command &#8220;sudo iptables-save&#8221; to save the changes.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WireGuard is a modern, secure VPN protocol that can be used to set up a virtual private network (VPN) on Linux. To set up firewall rules for WireGuard, you can use the iptables command. Here&#8217;s an example of how you can set up firewall rules for a WireGuard VPN on Linux: First, you will need &#8230; <a title=\"How To Set Up WireGuard Firewall Rules in Linux\" class=\"read-more\" href=\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\" aria-label=\"Read more about How To Set Up WireGuard Firewall Rules in Linux\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1813","post","type-post","status-publish","format-standard","hentry","category-best-tutorial"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice\" \/>\n<meta property=\"og:description\" content=\"WireGuard is a modern, secure VPN protocol that can be used to set up a virtual private network (VPN) on Linux. To set up firewall rules for WireGuard, you can use the iptables command. Here&#8217;s an example of how you can set up firewall rules for a WireGuard VPN on Linux: First, you will need ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\" \/>\n<meta property=\"og:site_name\" content=\"TrySitePrice\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-24T03:20:04+00:00\" \/>\n<meta name=\"author\" content=\"Rahul Sahu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\"},\"author\":{\"name\":\"Rahul Sahu\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4\"},\"headline\":\"How To Set Up WireGuard Firewall Rules in Linux\",\"datePublished\":\"2023-01-24T03:20:04+00:00\",\"dateModified\":\"2023-01-24T03:20:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\"},\"wordCount\":259,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\"},\"articleSection\":[\"Best\/Tutorial\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\",\"url\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\",\"name\":\"How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice\",\"isPartOf\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#website\"},\"datePublished\":\"2023-01-24T03:20:04+00:00\",\"dateModified\":\"2023-01-24T03:20:04+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/trysiteprice.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How To Set Up WireGuard Firewall Rules in Linux\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#website\",\"url\":\"https:\/\/trysiteprice.com\/blog\/\",\"name\":\"TrySitePrice\",\"description\":\"Free Website Value Calculator Tool\",\"publisher\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/trysiteprice.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\",\"name\":\"TrySitePrice\",\"url\":\"https:\/\/trysiteprice.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png\",\"contentUrl\":\"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png\",\"width\":395,\"height\":268,\"caption\":\"TrySitePrice\"},\"image\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4\",\"name\":\"Rahul Sahu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g\",\"caption\":\"Rahul Sahu\"},\"sameAs\":[\"https:\/\/trysiteprice.com\/blog\"],\"url\":\"https:\/\/trysiteprice.com\/blog\/author\/rsahu4242_trysiteprice\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/","og_locale":"en_US","og_type":"article","og_title":"How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice","og_description":"WireGuard is a modern, secure VPN protocol that can be used to set up a virtual private network (VPN) on Linux. To set up firewall rules for WireGuard, you can use the iptables command. Here&#8217;s an example of how you can set up firewall rules for a WireGuard VPN on Linux: First, you will need ... Read more","og_url":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/","og_site_name":"TrySitePrice","article_published_time":"2023-01-24T03:20:04+00:00","author":"Rahul Sahu","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#article","isPartOf":{"@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/"},"author":{"name":"Rahul Sahu","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4"},"headline":"How To Set Up WireGuard Firewall Rules in Linux","datePublished":"2023-01-24T03:20:04+00:00","dateModified":"2023-01-24T03:20:04+00:00","mainEntityOfPage":{"@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/"},"wordCount":259,"commentCount":0,"publisher":{"@id":"https:\/\/trysiteprice.com\/blog\/#organization"},"articleSection":["Best\/Tutorial"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/","url":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/","name":"How To Set Up WireGuard Firewall Rules in Linux - TrySitePrice","isPartOf":{"@id":"https:\/\/trysiteprice.com\/blog\/#website"},"datePublished":"2023-01-24T03:20:04+00:00","dateModified":"2023-01-24T03:20:04+00:00","breadcrumb":{"@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/trysiteprice.com\/blog\/how-to-set-up-wireguard-firewall-rules-in-linux\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/trysiteprice.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How To Set Up WireGuard Firewall Rules in Linux"}]},{"@type":"WebSite","@id":"https:\/\/trysiteprice.com\/blog\/#website","url":"https:\/\/trysiteprice.com\/blog\/","name":"TrySitePrice","description":"Free Website Value Calculator Tool","publisher":{"@id":"https:\/\/trysiteprice.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/trysiteprice.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/trysiteprice.com\/blog\/#organization","name":"TrySitePrice","url":"https:\/\/trysiteprice.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png","contentUrl":"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png","width":395,"height":268,"caption":"TrySitePrice"},"image":{"@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4","name":"Rahul Sahu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g","caption":"Rahul Sahu"},"sameAs":["https:\/\/trysiteprice.com\/blog"],"url":"https:\/\/trysiteprice.com\/blog\/author\/rsahu4242_trysiteprice\/"}]}},"_links":{"self":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/1813","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/comments?post=1813"}],"version-history":[{"count":1,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/1813\/revisions"}],"predecessor-version":[{"id":1820,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/1813\/revisions\/1820"}],"wp:attachment":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/media?parent=1813"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/categories?post=1813"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/tags?post=1813"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}