From b49c9bff093d9271e93a60444bc5c1d5221a64d5 Mon Sep 17 00:00:00 2001 From: Nick Sweeting Date: Wed, 29 May 2019 14:26:18 -0400 Subject: [PATCH] add PreDown and PostDown config reference --- README.md | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 9ee0391..1b5e468 100644 --- a/README.md +++ b/README.md @@ -511,20 +511,25 @@ dig example.com A **Jump to definition:** -¶ `[Inteface]``# Name = node1.example.tld``Address = 10.0.0.3/32``ListenPort = 51820``PrivateKey = localPrivateKeyAbcAbcAbc=``DNS = 1.1.1.1,8.8.8.8` - -¶ `[Peer]``# Name = node2-node.example.tld``AllowedIPs = 10.0.0.1/24``Endpoint = node1.example.tld:51820``PublicKey = remotePublicKeyAbcAbcAbc=``PersistentKeepalive = 25``[Inteface]``# Name = node1.example.tld``Address = 10.0.0.3/32``ListenPort = 51820``PrivateKey = localPrivateKeyAbcAbcAbc=``DNS = 1.1.1.1,8.8.8.8``PreUp = /bin/example arg1 arg2 %i``PostUp = /bin/example arg1 arg2 %i``PreDown = /bin/example arg1 arg2 %i``PostDown = /bin/example arg1 arg2 %i` + + +¶ `[Peer]``# Name = node2-node.example.tld``AllowedIPs = 10.0.0.1/24``Endpoint = node1.example.tld:51820``PublicKey = remotePublicKeyAbcAbcAbc=``PersistentKeepalive = 25` ### `[Interface]` @@ -637,6 +642,18 @@ Optionally run a command after the interface is brought up. * Add an iptables rule to enable packet forwarding on the WireGuard interface `PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` +#### `PreDown` + +Optionally run a command before the interface is brought down. + +**Examples** + +* Log a line to a file +`PostDown = echo "$(date +%s) WireGuard Going Down" >> /var/log/wireguard.log` + +* Hit a webhook on another server +`PostDown = curl https://events.example.dev/wireguard/stopping/?key=abcdefg` + #### `PostDown`