Make WireGuard route-sink the WG_routes
This commit is contained in:
parent
a976ccf6b2
commit
2570763b0d
@ -2,8 +2,13 @@
|
||||
PrivateKey = ${wg_key}
|
||||
Address = ${wg_address}/${wg_prefix:-32}
|
||||
ListenPort = ${wg_port:-51820}
|
||||
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT;
|
||||
{{ if len "${wg_routes:-}" }}{{ range "$wg_routes" | split "," }}PostUp = ip -4 route add {{ . }} dev wg0
|
||||
{{ end }}{{ end }}
|
||||
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT
|
||||
{{ if len "${wg_routes:-}" }}{{ range "$wg_routes" | split "," }}PostDown = ip -4 route del {{ . }} dev wg0
|
||||
{{ end }}{{ end }}
|
||||
Table = off
|
||||
|
||||
{{ range files "wireguard/peers" }} {{ if ne . "${tinc_peer_name}" }}
|
||||
[Peer]
|
||||
|
Loading…
x
Reference in New Issue
Block a user