badjware
/
home-stack-ansible
1
0
Fork 0
Code Releases Activity

fix wireguard nat interface

This commit is contained in:
Massaki Archambault 2024-07-11 19:46:02 -04:00
parent 256c31ed28
commit d97b0f5712
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
roles/wireguard/templates/wg0.conf
View File

@ -2,10 +2,8 @@
# This is the virtual IP address, with the subnet mask we will use for the VPN. Note that this must not be on our LAN subnet and should be an uncommon subnet to avoid address conflicts
Address = {{ wireguard.address }}
ListenPort = {{ wireguard.port }}
PostUp = iptables -w -t nat -A POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE; ip6tables -w -t nat -A POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE
PostDown = iptables -w -t nat -D POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE; ip6tables -w -t nat -D POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE
#PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE
#PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {{ ansible_facts.interfaces[1] }} -j MASQUERADE
PostUp = iptables -w -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -j MASQUERADE; ip6tables -w -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -j MASQUERADE
PostDown = iptables -w -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -j MASQUERADE; ip6tables -w -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -j MASQUERADE
PrivateKey = {{ private_key.stdout }}
{% for peer in wireguard.peers %}