In the example on Lochnair/vyatta-wireguard, I'm confused about the following:

```
wg genkey | tee /config/auth/wg.key | wg pubkey > wg.public

configure

set interfaces wireguard wg0 address 192.168.33.1/24
set interfaces wireguard wg0 listen-port 51820
set interfaces wireguard wg0 route-allowed-ips true

set interfaces wireguard wg0 peer GIPWDet2eswjz1JphYFb51sh6I+CwvzOoVyD7z7kZVc= endpoint example1.org:29922
set interfaces wireguard wg0 peer GIPWDet2eswjz1JphYFb51sh6I+CwvzOoVyD7z7kZVc= allowed-ips 192.168.33.101/32

set interfaces wireguard wg0 peer aBaxDzgsyDk58eax6lt3CLedDt6SlVHnDxLG2K5UdV4= endpoint example2.net:51820
set interfaces wireguard wg0 peer aBaxDzgsyDk58eax6lt3CLedDt6SlVHnDxLG2K5UdV4= allowed-ips 192.168.33.102/32
set interfaces wireguard wg0 peer aBaxDzgsyDk58eax6lt3CLedDt6SlVHnDxLG2K5UdV4= allowed-ips 192.168.33.103/32

set interfaces wireguard wg0 private-key /config/auth/wg.key

set firewall name WAN_LOCAL rule 20 action accept
set firewall name WAN_LOCAL rule 20 protocol udp
set firewall name WAN_LOCAL rule 20 description 'WireGuard'
set firewall name WAN_LOCAL rule 20 destination port 51820

commit
save
exit
```

> set interfaces wireguard wg0 address 192.168.33.1/24
What am I actually indicating here? Is this the internal range of IPs that I'm saying should be routed through WireGuard? This setting is the most confusing and seems to possibly conflict with the IP range one can set for `allowed-ips` under a peer setting.
> set interfaces wireguard wg0 listen-port 51820
This seems to be the port to listen to on this device.
> set interfaces wireguard wg0 route-allowed-ips true
Does this indicate that any IPs listed within each peer's `allowed-ips` setting will be sent through `wg0`?