From 5507c4752e0a2b748e8bb121f8205d2ba3d8505a Mon Sep 17 00:00:00 2001 From: ahab Date: Mon, 27 Jun 2022 17:00:34 +0000 Subject: [PATCH] simple iptables setup and ipv4-forwarding - An easier way to implement iptables by integrating the rules directly into the wireguard-config. When you activate the interface, the rules are loaded automatically. When you deactivate them, they are automatically deleted. - IPv4-forwarding to be able to forward the requests of the clients. --- content/post/wireguard-vps-android.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/content/post/wireguard-vps-android.md b/content/post/wireguard-vps-android.md index 483e1c5..2093f07 100644 --- a/content/post/wireguard-vps-android.md +++ b/content/post/wireguard-vps-android.md @@ -29,7 +29,9 @@ We will use the range 100.64.0.0/10 (RFC 6598) because it doesn't colide with pr iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE systemctl enable --now wg-quick@wg0 -Don't forget to save the iptables rules for the next start. The easiest way is to use cron, but I don't recommend it. +Don't forget to save the iptables rules for the next start. The easiest way is to include this config in wg0.conf: + PostUp = iptables -I FORWARD -i eth0 -j ACCEPT; iptables -I FORWARD -o eth0 -j ACCEPT; iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE + PostDown = iptables -D FORWARD -i eth0 -j ACCEPT; iptables -D FORWARD -o eth0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE To get the public key (you need it later on): 
@@ -38,7 +40,9 @@ To get the public key (you need it later on): Now the gateway is configured and running. To get some information, type in wg and use systemd: systemctl status wg-quick@wg0 - wg show + wg + +Enable IP forwarding in the Linux kernel by uncommenting or adding (uncommenting) `net.ipv4.ip_forward = 1` in /etc/sysctl.conf to persist the setting between system restarts. Use sysctl -w net.ipv4.ip_forward=1 to enable IP forwarding immediately without having to reboot. # Setup your Android -- 2.47.1
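Review bot: In the first hunk (@@ -29,7 +29,9 @@), the added PostUp rules are much broader than the rule on the context line above them. `iptables -I FORWARD -i eth0 -j ACCEPT` and `iptables -I FORWARD -o eth0 -j ACCEPT` accept every forwarded packet that crosses eth0, not just tunnel traffic, and the new `-t nat -I POSTROUTING -o eth0 -j MASQUERADE` drops the `-s 100.64.0.0/10` match that the existing rule has. Suggest scoping the FORWARD rules to the WireGuard interface (wg-quick expands `%i` to the interface name, so `-i %i` / `-o %i`) and keeping `-s 100.64.0.0/10` on the NAT rule, with identical matches in PostDown so the `-D` calls remove exactly what PostUp inserted. The manual `iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE` context line also stays in the post, so a reader following both ends up with two NAT rules. The retained sentence "Don't forget to save the iptables rules for the next start" no longer fits once PostUp/PostDown manage the rules, so it should be reworded or dropped.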
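Review bot: In the second hunk (@@ -38,7 +40,9 @@), the IP forwarding paragraph lands after "Now the gateway is configured and running", but per the commit message forwarding is what lets the gateway forward client requests, so the step belongs before `systemctl enable --now wg-quick@wg0` in the earlier section rather than after the status commands. The wording "uncommenting or adding (uncommenting)" repeats itself, and `sysctl -w net.ipv4.ip_forward=1` should get the same backticks as `net.ipv4.ip_forward = 1`. The change from `wg show` to `wg` is not covered by the commit message; mention it there or split it into its own commit.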