Difference between revisions of "Firewall configuration"
From MyWiki
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
UFW configuration to redirect and masquerade from vpn to internal address<br> | UFW configuration to redirect and masquerade from vpn to internal address<br> | ||
| + | Taken from a Raspberry Pi which works<br> | ||
| + | <source lang="text"> | ||
| + | # Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017 | ||
| + | *filter | ||
| + | :INPUT ACCEPT [3796:458494] | ||
| + | :FORWARD ACCEPT [891:104728] | ||
| + | :OUTPUT ACCEPT [3014:356934] | ||
| + | -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT | ||
| + | COMMIT | ||
| + | # Completed on Mon Mar 27 00:04:08 2017 | ||
| + | # Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017 | ||
| + | *nat | ||
| + | :PREROUTING ACCEPT [301:36128] | ||
| + | :INPUT ACCEPT [46:5786] | ||
| + | :OUTPUT ACCEPT [157:11272] | ||
| + | :POSTROUTING ACCEPT [19:1254] | ||
| + | -A POSTROUTING -o tun0 -j MASQUERADE | ||
| + | COMMIT | ||
| + | # Completed on Mon Mar 27 00:04:08 2017 | ||
| + | |||
| + | |||
| + | </source> | ||
| + | That's odd the forwarding is in the filter table<br> | ||
| + | We want to copy this rule to Ubuntu 17<br> | ||
| + | The above may be deprecated and wrong<br> | ||
Latest revision as of 12:41, 30 August 2018
UFW configuration to redirect and masquerade from vpn to internal address
Taken from a Raspberry Pi which works
# Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017 *filter :INPUT ACCEPT [3796:458494] :FORWARD ACCEPT [891:104728] :OUTPUT ACCEPT [3014:356934] -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Mon Mar 27 00:04:08 2017 # Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017 *nat :PREROUTING ACCEPT [301:36128] :INPUT ACCEPT [46:5786] :OUTPUT ACCEPT [157:11272] :POSTROUTING ACCEPT [19:1254] -A POSTROUTING -o tun0 -j MASQUERADE COMMIT # Completed on Mon Mar 27 00:04:08 2017
That's odd the forwarding is in the filter table
We want to copy this rule to Ubuntu 17
The above may be deprecated and wrong
