Difference between revisions of "Firewall configuration"

From MyWiki
Jump to: navigation, search
(Blanked the page)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
UFW configuration to redirect and masquerade from vpn to internal address<br>
 +
Taken from a Raspberry Pi which works<br>
 +
<source lang="text">
 +
# Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017
 +
*filter
 +
:INPUT ACCEPT [3796:458494]
 +
:FORWARD ACCEPT [891:104728]
 +
:OUTPUT ACCEPT [3014:356934]
 +
-A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 +
COMMIT
 +
# Completed on Mon Mar 27 00:04:08 2017
 +
# Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017
 +
*nat
 +
:PREROUTING ACCEPT [301:36128]
 +
:INPUT ACCEPT [46:5786]
 +
:OUTPUT ACCEPT [157:11272]
 +
:POSTROUTING ACCEPT [19:1254]
 +
-A POSTROUTING -o tun0 -j MASQUERADE
 +
COMMIT
 +
# Completed on Mon Mar 27 00:04:08 2017
  
 +
 +
</source>
 +
That's odd the forwarding is in the filter table<br>
 +
We want to copy this rule to Ubuntu 17<br>
 +
The above may be deprecated and wrong<br>

Latest revision as of 12:41, 30 August 2018

UFW configuration to redirect and masquerade from vpn to internal address
Taken from a Raspberry Pi which works

# Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017
*filter
:INPUT ACCEPT [3796:458494]
:FORWARD ACCEPT [891:104728]
:OUTPUT ACCEPT [3014:356934]
-A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Mon Mar 27 00:04:08 2017
# Generated by iptables-save v1.4.14 on Mon Mar 27 00:04:08 2017
*nat
:PREROUTING ACCEPT [301:36128]
:INPUT ACCEPT [46:5786]
:OUTPUT ACCEPT [157:11272]
:POSTROUTING ACCEPT [19:1254]
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT
# Completed on Mon Mar 27 00:04:08 2017

That's odd the forwarding is in the filter table
We want to copy this rule to Ubuntu 17
The above may be deprecated and wrong

Retrieved from "https://wiki.twig.es/index.php?title=Firewall_configuration&oldid=4188"