Skip to content

Instantly share code, notes, and snippets.

@tuna2134

tuna2134/router.yaml

Last active February 14, 2024 07:37
Show Gist options
  • Save tuna2134/3e505363b0c5f671b95b20f62c1b6732 to your computer and use it in GitHub Desktop.
Save tuna2134/3e505363b0c5f671b95b20f62c1b6732 to your computer and use it in GitHub Desktop.
Download ZIP
Router create script
Raw
router.yaml
network:
ethernets:
eth0:
dhcp4: true
nameservers:
addresses:
- 1.1.1.1
eth1:
dhcp4: false
addresses:
- 172.16.70.1/24
version: 2
@tuna2134
Copy link
Author

tuna2134 commented May 11, 2023
edited
Loading

Masquerade

sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -s 172.16.70.0/24 -o wg0 -j MASQUERADE
sudo iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

@tuna2134
Copy link
Author

tuna2134 commented May 11, 2023
edited
Loading

Enable ip forward

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
sysctl -p

@tuna2134
Copy link
Author 

IP_Address: 172.16.70.12
Gateway: 172.16.70.1

@tuna2134
Copy link
Author

tuna2134 commented May 11, 2023
edited
Loading

Enjoy self made router life!

@tuna2134
Copy link
Author

tuna2134 commented May 11, 2023
edited
Loading

Port forwarding(Sample)

sudo iptables -t nat -A PREROUTING ! -s 192.168.11.0/24 -p tcp -m tcp --dport 30000:32767 -j DNAT --to-destination 172.16.70.12:30000-32767
sudo iptables -t nat -A POSTROUTING -d 192.168.11.0/24 -p tcp -m tcp --dport 30000:32767 -j SNAT --to-source 172.16.42.1:30000-32767

@tuna2134
Copy link
Author

Save iptables setting

iptables-save > /etc/iptables/rules.v4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment