mirror of https://git.zx2c4.com/WireGuard
wg.8: Rewrite AllowedIPs description
* The current text doesn't describe how overlapping values are handled. * "[addrs] to which outgoing traffic for this peer is directed" is vague and misleading. * 0.0.0.0/0 and ::/0 don't need to be mentioned, since they aren't special cases. (Should they be mentioned in the example section, though?) Thanks-to: jrb0001, MacGyver, zanijwa Signed-off-by: Luis Ressel <aranea@aixah.de>
This commit is contained in:
parent
91b0a21186
commit
25f49eae3c
|
@ -143,12 +143,12 @@ and may be omitted. This option adds an additional layer of symmetric-key
|
|||
cryptography to be mixed into the already existing public-key cryptography,
|
||||
for post-quantum resistance.
|
||||
.IP \(bu
|
||||
AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with
|
||||
CIDR masks from which incoming traffic for this peer is allowed and to
|
||||
which outgoing traffic for this peer is directed. The catch-all
|
||||
\fI0.0.0.0/0\fP may be specified for matching all IPv4 addresses, and
|
||||
\fI::/0\fP may be specified for matching all IPv6 addresses. May be specified
|
||||
multiple times.
|
||||
AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with CIDR
|
||||
masks. Outgoing packets will be sent to the peer whose AllowedIPs contain the
|
||||
destination address. (If there are multiple matches, the one with the longest
|
||||
matching prefix is chosen.) Incoming packets are only accepted if traffic to
|
||||
their source IP would be sent to the same peer. May be specified multiple
|
||||
times.
|
||||
.IP \(bu
|
||||
Endpoint \(em an endpoint IP or hostname, followed by a colon, and then a
|
||||
port number. This endpoint will be updated automatically to the most recent
|
||||
|
|
Loading…
Reference in New Issue