simple iptables setup and ipv4-forwarding
- An easier way to implement iptables by integrating the rules directly into the wireguard-config. When you activate the interface, the rules are loaded automatically. When you deactivate them, they are automatically deleted.
- IPv4-forwarding to be able to forward the requests of the clients.
parent
ad328f0984
commit
5507c4752e
@ -29,7 +29,9 @@ We will use the range 100.64.0.0/10 (RFC 6598) because it doesn't colide with pr
|
|||||||
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE
|
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE
|
||||||
systemctl enable --now wg-quick@wg0
|
systemctl enable --now wg-quick@wg0
|
||||||
|
|
||||||
Don't forget to save the iptables rules for the next start. The easiest way is to use cron, but I don't recommend it.
|
Don't forget to save the iptables rules for the next start. The easiest way is to include this config in wg0.conf:
|
||||||
|
PostUp = iptables -I FORWARD -i eth0 -j ACCEPT; iptables -I FORWARD -o eth0 -j ACCEPT; iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
PostDown = iptables -D FORWARD -i eth0 -j ACCEPT; iptables -D FORWARD -o eth0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
||||||
To get the public key (you need it later on):
|
To get the public key (you need it later on):
|
||||||
|
|
||||||
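Review bot: The added PostUp line accepts every packet forwarded in or out of eth0 and masquerades everything leaving eth0, which is wider than the `-s 100.64.0.0/10 -o eth0` rule in the context line at the top of this hunk. Suggest scoping the rules to the tunnel: wg-quick expands `%i` to the interface name, so something like `iptables -I FORWARD -i %i -o eth0 -s 100.64.0.0/10 -j ACCEPT`, a return rule limited with `-m conntrack --ctstate RELATED,ESTABLISHED`, and `-s 100.64.0.0/10` on the MASQUERADE rule, with PostDown deleting exactly the same rules. Two documentation points: the manual `iptables -t nat -A POSTROUTING ...` command is still in the README above, so a reader who follows both ends up with two NAT rules, and the sentence "Don't forget to save the iptables rules for the next start" no longer fits, since with PostUp/PostDown nothing has to be saved.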
@ -38,7 +40,9 @@ To get the public key (you need it later on):
|
|||||||
Now the gateway is configured and running. To get some information, type in wg and use systemd:
|
Now the gateway is configured and running. To get some information, type in wg and use systemd:
|
||||||
|
|
||||||
systemctl status wg-quick@wg0
|
systemctl status wg-quick@wg0
|
||||||
wg show
|
wg
|
||||||
|
|
||||||
|
Enable IP forwarding in the Linux kernel by uncommenting or adding (uncommenting) `net.ipv4.ip_forward = 1` in /etc/sysctl.conf to persist the setting between system restarts. Use sysctl -w net.ipv4.ip_forward=1 to enable IP forwarding immediately without having to reboot.
|
||||||
|
|
||||||
# Setup your Android
|
# Setup your Android
|
||||||
|
|
||||||
|
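Review bot: The IP forwarding paragraph is added after "Now the gateway is configured and running", but the gateway does not forward client traffic until `net.ipv4.ip_forward = 1` is set, so this step should come before `systemctl enable --now wg-quick@wg0` in the README. The wording "uncommenting or adding (uncommenting)" repeats itself; drop the parenthetical. For consistency with the setting name, put `/etc/sysctl.conf` and `sysctl -w net.ipv4.ip_forward=1` in backticks as well.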