Replying to Avatar Alex Gleason

I feel that I am just not old enough to understand iptables
Avatar
Derek Ross 1y ago

I use iptables more than ufw 🤣

Reply to this note

Please Login to reply.

Discussion

Avatar
jb55 1y ago

same… we have the guy who made it here! nostr:npub179e9tp4yqtqx4myp35283fz64gxuzmr6n3yxnktux5pnd5t03eps0elz4s

Avatar
Alex Gleason 1y ago

Maybe he can help me force all outgoing traffic through wireguard. Nothing I do works so I gave up and installed proxy server.

Avatar
diasporic 1y ago

maybe use routing?

Avatar
Alex Gleason 1y ago

I managed to route traffic through the wireguard interface to the other server, but it never goes out to the public network. I tried everything chatgpt told me, but the problem is I haven't read a 200 page book about networking.

Avatar
cloud fodder 1y ago

refer to: https://wiki.archlinux.org/title/WireGuard

section 2.4.3 systemd-networkd: routing all traffic over WireGuard

special attention to exempt the endpoints public ip.

works, zero iptables used.

Avatar
cloud fodder 1y ago

well, zero on the client, simple masquerade on the exit node

Avatar
jb55 1y ago

allowedIPs should be 0.0.0.0/0 and it should just work

Avatar
jb55 1y ago

On the remote side side you may need

iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE

Avatar
Derek Ross 1y ago

Oh that's right! 🔥🔥🔥