Wireguard client container doesn't work with custom AllowedIPs

I want to use the wireguard container in client mode as a gateway for my other containers, so the other containers would have access to the internet using the wireguard VPN. I’m running the wireguard container using this command:

docker create \
  --name=wireguard \
  --privileged \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/London \
  -v /path/to/client/config/file:/config \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv6.conf.all.disable_ipv6=0" \
  linuxserver/wireguard

Everything works fine when I have AllowedIPs = 0.0.0.0/0 in the config file, and all the traffic goes through the wireguard VPN. But I need to change AllowedIPs and customize it, and when I changed it to something like AllowedIPs = 0.0.0.0/1, 128.0.0.0/1 the wireguard container lost its internet access and had no connection to the internet at all. I couldn’t figure out the problem; even in the logs I saw no error message…

P.S: No wireguard tag for topics?!

We don’t offer support for routing containers through other containers. You are more than welcome to come on discord and visit #other-support to get some guidance.

Thanks, but my main problem isn’t about routing containers through another container. My problem is that when I edit the wireguard client file and change AllowedIPs to route only specific subnets and not all the traffic, the wireguard container loses its network connection. It seems somehow iptables doesn’t work properly within the container.

You probably need to join us on discord for further help. I will warn you, 1) it’s been tested extensively and it all works 2) we support the container, not the app in the container 3) I make use of the AllowedIPs section and it “works for me™”

share your docker compose/run? are you using portainer or something equally bad?

Thanks for your help. Docker run and its options are in my first post in the topic (after creating container I just start it without running any other command in between). I’m not using portainer or anything like it.

Can you please tell me how you run your container when AllowedIPs works for you? What is your host OS?

my wireguard runs on what i like to call driznix, though i briefly tested on debian as well.

i use allowedips for split tunneling, my allowedips includes my vpn subnet, my lan subnet, and my IoT subnet (for cameras mostly). everything else goes out the default gateway.
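
Added example, not part of the thread and not the project's code: a Python check of which destinations each AllowedIPs value discussed above hands to the peer, and whether the list is written as a literal /0 or only adds up to one. The endpoint address and the three split-tunnel subnets are constructed sample values, since the thread does not give them.

```python
import ipaddress

def parse_allowed_ips(value):
    """Split an AllowedIPs value (comma-separated CIDRs) into network objects."""
    return [ipaddress.ip_network(p.strip(), strict=False)
            for p in value.split(",") if p.strip()]

def via_tunnel(dest, allowed):
    """True if dest falls inside any AllowedIPs entry for the peer."""
    addr = ipaddress.ip_address(dest)
    return any(addr.version == n.version and addr in n for n in allowed)

def covers_all_ipv4(allowed):
    """True if the IPv4 entries together add up to the whole address space."""
    v4 = [n for n in allowed if n.version == 4]
    return list(ipaddress.collapse_addresses(v4)) == [ipaddress.ip_network("0.0.0.0/0")]

def has_literal_default(allowed):
    """True if an entry is written as /0. wg-quick special-cases such entries
    (fwmark plus policy routing); any other prefix becomes an ordinary route."""
    return any(n.prefixlen == 0 for n in allowed)

def report(value, endpoint):
    """Summarise one AllowedIPs value against the peer's endpoint address."""
    allowed = parse_allowed_ips(value)
    return {
        "covers_all_ipv4": covers_all_ipv4(allowed),
        "literal_default": has_literal_default(allowed),
        "endpoint_inside": via_tunnel(endpoint, allowed),
    }

# Constructed sample values (not taken from the thread).
ENDPOINT = "203.0.113.10"
CONFIGS = {
    "full tunnel": "0.0.0.0/0",
    "two halves": "0.0.0.0/1, 128.0.0.0/1",
    "split tunnel": "10.13.13.0/24, 192.168.1.0/24, 192.168.50.0/24",
}

if __name__ == "__main__":
    for name, value in CONFIGS.items():
        print(f"{name:13} {report(value, ENDPOINT)}")
```

The two-halves value covers every IPv4 address, including the peer's own endpoint, without containing a /0 entry; the split-tunnel value leaves the endpoint and all unlisted destinations on the default gateway.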