Updated Wireguard post

Added information about packet forwarding.

1 files changed, 18 insertions, 1 deletions

diff --git a/content/weblog/2020-06-06_wireguard-vpn/index.md b/content/weblog/2020-06-06_wireguard-vpn/index.md
index 04dd969..08203d9 100644
--- a/content/weblog/2020-06-06_wireguard-vpn/index.md
+++ b/content/weblog/2020-06-06_wireguard-vpn/index.md
@@ -1,6 +1,7 @@
 +++
 title = "Goodbye OpenVPN, hello Wireguard"
 date = 2020-06-06T02:13:28Z
+updated = 2021-03-28T21:23:16Z
 +++
 
 I had been using OpenVPN for quite some time for my internet privacy purposes.
@@ -48,7 +49,7 @@ If these advantages haven't convinced you yet, I don't know what will.
 
 ## Set up instructions
 
-There are something that are worth keeping in mind while setting up Wireguard.
+There are some things that are worth keeping in mind while setting up Wireguard.
 One of them is that unlike other VPN protocols, like OpenVPN, there is no server
 and client per se. There are just peers. Of course, that doesn't mean that you
 cannot use Wireguard like you would use OpenVPN, quite the contrary. It just
@@ -136,6 +137,22 @@ systemctl enable wg-quick@wg0
 systemctl start wg-quick@wg0
 ```
 
+Since in this configuration we want to be able to forward all of the peers'
+traffic through the VPS, we need to enable packet forwarding in the kernel by
+adding or uncommenting the following lines to `/etc/sysctl.conf`, or creating a
+new file in `/etc/sysctl.d/` with these lines:
+
+```
+net.ipv4.ip_forward=1
+net.ipv6.conf.all.forwarding=1
+```
+
+After adding them, to immediately load the config we run
+
+```sh
+sysctl --system
+```
+
 ### Client configuration
 
 The configuration for the client side of things is pretty similar to the server