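# wg-quick configuration for the tunnel endpoint that owns 10.11.20.1.
# The PostUp/PostDown hooks install and remove NAT rules that forward
# TCP 80/443 arriving on the public address to a host behind the peer.
# The bare "|" gutter lines from the file viewer were removed; they are
# not valid configuration lines.
[Interface]
# Tunnel address of this host inside 10.11.20.0/24.
Address = 10.11.20.1/24
#SaveConfig = true
# UDP port WireGuard listens on.
ListenPort = 51820
# NOTE(review): this private key is readable by anyone who can see this
# file. Treat it as compromised: generate a new key pair, update the
# PublicKey entry on every peer, and keep the deployed file readable by
# root only (mode 0600).
PrivateKey = uBjwOBqEeH/2V7qo5GLGQaX159I1YBztzxvYE9pXOnI=
#https://serverfault.com/questions/1162475/iptables-exclude-a-specific-port-from-being-forwarded-to-the-destination
# Create a dedicated nat chain for traffic addressed to the public IP.
# NOTE(review): -N returns an error if the chain already exists (for
# example after an interrupted teardown); presumably that aborts the
# interface bring-up - verify and clean up stale rules before retrying.
PostUp = iptables -t nat -N Inbound
# Send everything addressed to the public address through Inbound.
PostUp = iptables -t nat -A PREROUTING -d 51.222.155.202 -j Inbound
# Source-NAT all traffic leaving ens3. There is no -s match, so this is
# not limited to tunnel sources.
# NOTE(review): if only tunnel traffic should be masqueraded, restrict
# the rule to the tunnel source ranges - confirm the intent.
PostUp = iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
# Exemptions, evaluated before the DNAT rules: SSH and the WireGuard
# port stay on this host. WireGuard itself uses UDP only. Because only
# TCP 80 and 443 are forwarded below, these port exemptions currently
# change nothing; they matter if the DNAT rules are ever widened.
PostUp = iptables -t nat -A Inbound -p tcp --dport 22 -j RETURN
PostUp = iptables -t nat -A Inbound -p tcp --dport 51820 -j RETURN
PostUp = iptables -t nat -A Inbound -p udp --dport 51820 -j RETURN
# Traffic originating from the backend itself is never redirected.
PostUp = iptables -t nat -A Inbound -s 10.11.1.15 -j RETURN
# Forward HTTP and HTTPS to 10.11.1.15, which is routed through the peer
# below (see AllowedIPs). Anything that matches no rule falls off the
# end of the chain and is handled locally.
# NOTE(review): forwarding also needs net.ipv4.ip_forward enabled and a
# FORWARD policy that allows only the intended flows; neither is set in
# this file - verify on the host.
PostUp = iptables -t nat -A Inbound -j DNAT --to-destination 10.11.1.15 -p tcp --dport 80
PostUp = iptables -t nat -A Inbound -j DNAT --to-destination 10.11.1.15 -p tcp --dport 443
# Teardown: remove the two jump/NAT rules, then flush and delete the
# chain. A chain can only be deleted once it is empty and unreferenced,
# so the order matters.
PostDown = iptables -D PREROUTING -d 51.222.155.202 -j Inbound -t nat
PostDown = iptables -D POSTROUTING -o ens3 -j MASQUERADE -t nat
PostDown = iptables -F Inbound -t nat
PostDown = iptables -X Inbound -t nat

[Peer]
PublicKey = 84ITOv/sB0f/h7fIY+uLQeTmMDgTCjvVzIQmEsLAZmo=
# Source addresses accepted from this peer, and destinations routed to
# it: its tunnel address plus the backend host 10.11.1.15.
AllowedIPs = 10.11.20.2/32,10.11.1.15/32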