WireGuard Cheatsheet

Windows

Start or Stop WireGuard Tunnel on Windows

To start a WireGuard tunnel, go to the start menu and type services.msc. Click “Yes” to any security warning. Scroll down to the bottom and you will see the available WireGuard tunnels. Right click and select Start or Stop, as appropriate.

services.msc

To manually start or stop the service from an administrative command line, enter:

C:\>net stop WireGuardTunnel$london
The WireGuard Tunnel: london service is stopping.
The WireGuard Tunnel: london service was stopped successfully.

C:\>net start WireGuardTunnel$london
The WireGuard Tunnel: london service is starting..
The WireGuard Tunnel: london service was started successfully.

Install or Remove a WireGuard Tunnel on Windows

From an Administrative command prompt enter the following:

C:\>wireguard /installtunnelservice {full-path-to-config-file}\{interface}.conf

C:\>wireguard /uninstalltunnelservice {interface}

There is no text returned for successfully installing or removing the service.

Linux

Installing

# Install wireguard and resolvconf (for dns to work properly)
sudo apt install wireguard resolvconf

Starting and Stopping WireGuard Tunnel on Linux

sudo wg-quick up {interface}

sudo wg-quick down {interface}

Enabling WireGuard on Startup with systemd

sudo systemctl enable wg-quick@{interface}.service
sudo systemctl start wg-quick@{interface}.service

WireGuard Subnet Routing

PostUp=iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown=iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

WireGuard Bridging

PostUp=iptables -A FORWARD -i wlan0 -o korea -j ACCEPT; iptables -A FORWARD -i  korea -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o korea -j MASQUERADE
PostDown=iptables -A FORWARD -i wlan0 -o korea -j ACCEPT; iptables -A FORWARD -i korea -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A  POSTROUTING -o korea -j MASQUERADE

Statistics

wg

These commands apply to both Windows and Linux

wg

wg show all transfer
wg show {interface} transfer
wg show all dump