-
-
Save riobard/bdf5fb2e50c51c962eef to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [peername] | |
| proto = nacltai | |
| proto_publickey = REMOTE_PUBKEY | |
| proto_privatekey = LOCAL_PRIKEY | |
| local = tuntap | |
| local_interface = tunnel | |
| peer = udp | |
| peer_remoteaddr = REMOTE_IP | |
| peer_remoteport = 8000 | |
| peer_localaddr = 0.0.0.0 | |
| peer_localport = 8000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [peername] | |
| proto = nacltai | |
| proto_publickey = LOCAL_PUBKEY | |
| proto_privatekey = REMOTE_PRIKEY | |
| local = tuntap | |
| local_interface = tunnel | |
| peer = udp | |
| peer_localaddr = REMOTE_IP | |
| peer_localport = 8000 | |
| peer_remotefloat = 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo ifconfig tunnel 10.8.0.1/24 | |
| sudo ifconfig tunnel mtu 1440 | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | |
| iptables -A FORWARD -i eth0 -o tunnel -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| iptables -A FORWARD -i tunnel -o eth0 -j ACCEPT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ifconfig tunnel 10.8.0.2/24 | |
| ifconfig tunnel mtu 1440 | |
| route del default | |
| route add 106.186.124.182 gw 10.0.1.1 # change 10.0.1.1 into your gateway IP for example 192.168.1.1 | |
| route add default gw 10.8.0.1 | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| iptables -t nat -A POSTROUTING -o tunnel -j MASQUERADE | |
| iptables -A FORWARD -i tunnel -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| iptables -A FORWARD -i eth0 -o tunnel -j ACCEPT | |
| iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1400 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ifconfig tunnel | |
| tunnel Link encap:Ethernet HWaddr c6:02:a3:f9:78:c2 | |
| inet addr:10.8.0.2 Bcast:10.8.0.255 Mask:255.255.255.0 | |
| $ netstat -nr | |
| Kernel IP routing table | |
| Destination Gateway Genmask Flags MSS Window irtt Iface | |
| 0.0.0.0 10.8.0.1 0.0.0.0 UG 0 0 0 tunnel | |
| 10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 | |
| 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tunnel | |
| REMOTE_IP 10.0.1.1 255.255.255.255 UGH 0 0 0 eth0 | |
| REMOTE_IP 0.0.0.0 255.255.255.255 UH 0 0 0 tunnel |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ifconfig tunnel | |
| tunnel Link encap:Ethernet HWaddr 66:a0:23:f1:fa:9e | |
| inet addr:10.8.0.1 Bcast:10.8.0.255 Mask:255.255.255.0 | |
| $ iptables -L -n -t nat -v | |
| Chain POSTROUTING (policy ACCEPT 1222K packets, 82M bytes) | |
| pkts bytes target prot opt in out source destination | |
| 3929K 244M MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0 | |
| 0 0 MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment