From dec5ee4a911f7fded48ee64dfc4dd0613fec6d38 Mon Sep 17 00:00:00 2001 From: bolvan Date: Sat, 27 Apr 2019 21:39:02 +0300 Subject: [PATCH] vpn : single-nat, port forwarding, qos-based routing --- wireguard_iproute_openwrt.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wireguard_iproute_openwrt.txt b/wireguard_iproute_openwrt.txt index a60885b..c1ca139 100644 --- a/wireguard_iproute_openwrt.txt +++ b/wireguard_iproute_openwrt.txt @@ -316,13 +316,13 @@ config rule --/etc/network/interfaces.d/wgvps------------- post-up iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 5001,5201 -j DNAT --to-destination 192.168.2.2 - post-up iptables -t nat -A POSTROUTING -o wgvps -d 192.168.2.2 -p tcp -m multiport --dports 5001,5201 -j MASQUERADE + post-up iptables -t nat -A POSTROUTING -o $IFACE -d 192.168.2.2 -p tcp -m multiport --dports 5001,5201 -j MASQUERADE post-up iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 5001,5201 -j DNAT --to-destination 192.168.2.2 - post-up iptables -t nat -A POSTROUTING -o wgvps -d 192.168.2.2 -p udp -m multiport --dports 5001,5201 -j MASQUERADE + post-up iptables -t nat -A POSTROUTING -o $IFACE -d 192.168.2.2 -p udp -m multiport --dports 5001,5201 -j MASQUERADE post-down iptables -t nat -D PREROUTING -i eth0 -p tcp -m multiport --dports 5001,5201 -j DNAT --to-destination 192.168.2.2 - post-down iptables -t nat -D POSTROUTING -o wgvps -d 192.168.2.2 -p tcp -m multiport --dports 5001,5201 -j MASQUERADE + post-down iptables -t nat -D POSTROUTING -o $IFACE -d 192.168.2.2 -p tcp -m multiport --dports 5001,5201 -j MASQUERADE post-down iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 5001,5201 -j DNAT --to-destination 192.168.2.2 - post-down iptables -t nat -D POSTROUTING -o wgvps -d 192.168.2.2 -p udp -m multiport --dports 5001,5201 -j MASQUERADE + post-down iptables -t nat -D POSTROUTING -o $IFACE -d 192.168.2.2 -p udp -m multiport --dports 5001,5201 -j MASQUERADE ---------------------------------------------- # ifdown wgvps ; ifup wgvps