Thanks for your reply!
I've had somebody on another forum recommend me to do this:

Code:
You can add AllowedIPs under [Peer], which is the list of IPs that
should be tunneled through the Wireguard tunnel, in your wireguard
configuration file.

0.0.0.0/0 is the whole internet.

If you change it to this:

AllowedIPs = 0.0.0.0/5, 8.0.0.0/7, 11.0.0.0/8, 12.0.0.0/6, 16.0.0.0/4,
32.0.0.0/3, 64.0.0.0/2, 128.0.0.0/3, 160.0.0.0/5, 168.0.0.0/6,
172.0.0.0/12, 172.32.0.0/11, 172.64.0.0/10, 172.128.0.0/9, 173.0.0.0/8,
174.0.0.0/7, 176.0.0.0/4, 192.0.0.0/9, 192.128.0.0/11, 192.160.0.0/13,
192.169.0.0/16, 192.170.0.0/15, 192.172.0.0/14, 192.176.0.0/12,
192.192.0.0/10, 193.0.0.0/8, 194.0.0.0/7, 196.0.0.0/6, 200.0.0.0/5,
208.0.0.0/4, 8.8.8.8/32, 10.64.0.0/10

It should exclude all private IPs (for example LANs)


Then add the following under [Interface]: (if you don't have Postup or
Predown set, otherwise put "&& iptables -I INPUT....."at the back of
your existing line)

Postup = iptables -I INPUT -i YOURLANINTERFACE -d 192.168.1.0/24 -j
ACCEPT && iptables -I OUTPUT -o YOURLANINTERFACE -d 192.168.1.0/24 -j ACCEPT

Predown = iptables -D INPUT -i YOURLANINTERFACE -d 192.168.1.0/24 -j
ACCEPT && iptables -D OUTPUT -o YOURLANINTERFACE -d 192.168.1.0/24 -j ACCEPT

I can see the ranges provided are about the same as you mention. But I do wonder why I have to exclude so many ranges when all I need is 192.168.1.x ?

Now, adding those lines I can do, but I have to admit it's the second part that's got me stumped. I'm using Windows. I cannot change YOURLANINTERFACE to eth0 because that wouldn't work. Do I need to make it the IP address of my desktop pc? And then what about my mobile phone?

I also totally don't understand what the third paragraph (the one about PostUp and Predown) means... crazy
_________________________
Riocar 80gig S/N : 010101580 red
Riocar 80gig (010102106) - backup