The following python script calculates the network addresses in CIDR notation (ready to be set in the config to AllowedIPs =
) to route all traffic (0.0.0.0/0
) except for one address (30.31.32.33/32
) through the wireguard interface. This is usefull if you run wireguard over another tunnel (e.g. udp2raw).
$ python3
import ipaddress
n1 = ipaddress.ip_network('0.0.0.0/0')
n2 = ipaddress.ip_network('30.31.32.33/32')
l = list(n1.address_exclude(n2))
for ip in l:
print('%s' % ip, end =", ")
Result:
128.0.0.0/1, 64.0.0.0/2, 32.0.0.0/3, 0.0.0.0/4, 16.0.0.0/5, 24.0.0.0/6, 28.0.0.0/7, 31.0.0.0/8, 30.128.0.0/9, 30.64.0.0/10, 30.32.0.0/11, 30.0.0.0/12, 30.16.0.0/13, 30.24.0.0/14, 30.28.0.0/15, 30.30.0.0/16, 30.31.128.0/17, 30.31.64.0/18, 30.31.0.0/19, 30.31.48.0/20, 30.31.40.0/21, 30.31.36.0/22, 30.31.34.0/23, 30.31.33.0/24, 30.31.32.128/25, 30.31.32.64/26, 30.31.32.0/27, 30.31.32.48/28, 30.31.32.40/29, 30.31.32.36/30, 30.31.32.34/31, 30.31.32.32/32