diff --git a/content/post/wireguard-vps-android.md b/content/post/wireguard-vps-android.md index 483e1c5..2093f07 100644 --- a/content/post/wireguard-vps-android.md +++ b/content/post/wireguard-vps-android.md @@ -29,7 +29,9 @@ We will use the range 100.64.0.0/10 (RFC 6598) because it doesn't colide with pr iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE systemctl enable --now wg-quick@wg0 -Don't forget to save the iptables rules for the next start. The easiest way is to use cron, but I don't recommend it. +Don't forget to save the iptables rules for the next start. The easiest way is to include this config in wg0.conf: + PostUp = iptables -I FORWARD -i eth0 -j ACCEPT; iptables -I FORWARD -o eth0 -j ACCEPT; iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE + PostDown = iptables -D FORWARD -i eth0 -j ACCEPT; iptables -D FORWARD -o eth0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE To get the public key (you need it later on): @@ -38,7 +40,9 @@ To get the public key (you need it later on): Now the gateway is configured and running. To get some information, type in wg and use systemd: systemctl status wg-quick@wg0 - wg show + wg + +Enable IP forwarding in the Linux kernel by uncommenting or adding (uncommenting) `net.ipv4.ip_forward = 1` in /etc/sysctl.conf to persist the setting between system restarts. Use sysctl -w net.ipv4.ip_forward=1 to enable IP forwarding immediately without having to reboot. # Setup your Android