Update tinc-up.tmpl
This commit is contained in:
parent
70a20c82a1
commit
455830e5eb
@ -13,10 +13,11 @@ ifconfig ${internal_interface} ${internal_address6}/${internal_mask6:-128}
|
||||
iptables -t nat -I PREROUTING -d {{ . }} -i eth0 -j DNAT --to-destination ${tinc_peer_address}
|
||||
{{ end }}{{ end }}
|
||||
|
||||
iptables -A FORWARD -i eth0 -o \$INTERFACE -j ACCEPT
|
||||
|
||||
# Plugins may communicate over eth0, the 'internal' docker network.
|
||||
# Because of this, we should allow masquerading NAT through eth0
|
||||
iptables -A FORWARD -i eth0 -o \$INTERFACE -j ACCEPT
|
||||
iptables -t nat -A PREROUTING -i eth0 -j MARK --set-mark 1
|
||||
iptables -t nat -A PREROUTING -i eth0 ! -s ${network_address}/${global_prefix:-16} -j MARK --set-mark 1
|
||||
iptables -t nat -A POSTROUTING -m mark --mark 1 -o \$INTERFACE -j MASQUERADE
|
||||
|
||||
# Prevent spoofing attacks
|
||||
|
Loading…
x
Reference in New Issue
Block a user