cyyself · January 25, 2025 16:29
diff --git a/openwrt-netns-portforward.sh b/openwrt-netns-portforward.sh
 # ip-full kmod-veth iptables-nft ip6tables-mod-nat ip6tables-nft
 ip6tables -t nat -A POSTROUTING -s fd05::1/64 -j MASQUERADE
 ip link add 5g_lan type veth peer 5g_lan_peer
 ip netns add 5g_lan
 ip link set dev 5g_lan_peer netns 5g_lan
 ip netns exec 5g_lan sh <<EOF
    sysctl -w net.ipv4.conf.all.forwarding=1
    sysctl -w net.ipv6.conf.all.forwarding=1
    ip link set dev lo up
    ip link set dev 5g_lan_peer up
    ip addr add dev 5g_lan_peer 100.65.41.2/24
    ip addr add dev 5g_lan_peer fd05::2/64
    ip route add default via 100.65.41.1
    ip route add default via fd05::1
    # fwd 1: wireguard to 2001:db8::1
    ip6tables -t nat -A PREROUTING -p udp -m udp -d fd05::2 --dport 51820 -j DNAT --to-destination [2001:db8::1]:51820
    ip6tables -t nat -A POSTROUTING -d 2001:db8::1 -p udp -m udp --dport 51820 -j SNAT --to-source fd05::2
 EOF
	# ip-full kmod-veth iptables-nft ip6tables-mod-nat ip6tables-nft
	ip6tables -t nat -A POSTROUTING -s fd05::1/64 -j MASQUERADE
	ip link add 5g_lan type veth peer 5g_lan_peer
	ip netns add 5g_lan
	ip link set dev 5g_lan_peer netns 5g_lan
	ip netns exec 5g_lan sh <<EOF
	sysctl -w net.ipv4.conf.all.forwarding=1
	sysctl -w net.ipv6.conf.all.forwarding=1
	ip link set dev lo up
	ip link set dev 5g_lan_peer up
	ip addr add dev 5g_lan_peer 100.65.41.2/24
	ip addr add dev 5g_lan_peer fd05::2/64
	ip route add default via 100.65.41.1
	ip route add default via fd05::1
	# fwd 1: wireguard to 2001:db8::1
	ip6tables -t nat -A PREROUTING -p udp -m udp -d fd05::2 --dport 51820 -j DNAT --to-destination [2001:db8::1]:51820
	ip6tables -t nat -A POSTROUTING -d 2001:db8::1 -p udp -m udp --dport 51820 -j SNAT --to-source fd05::2
	EOF