Update tinc-up.tmpl
This commit is contained in:
parent
6828b71814
commit
b358f122df
@ -16,7 +16,8 @@ iptables -t nat -I PREROUTING -d {{ . }} -i eth0 -j DNAT --to-destination ${tinc
|
||||
# Plugins may communicate over eth0, the 'internal' docker network.
|
||||
# Because of this, we should allow masquerading NAT through eth0
|
||||
iptables -A FORWARD -i eth0 -o \$INTERFACE -j ACCEPT
|
||||
iptables -t nat -A POSTROUTING -i eth0 -o \$INTERFACE -j MASQUERADE
|
||||
iptables -t nat -A PREROUTING -i eth0 -j MARK --set-mark 1
|
||||
iptables -t nat -A POSTROUTING -m mark --mark 1 -o \$INTERFACE -j MASQUERADE
|
||||
|
||||
# Prevent spoofing attacks
|
||||
iptables -A FORWARD -i \$INTERFACE ! -s ${network_address}/${global_prefix:-16} -j DROP
|
||||
|
Loading…
x
Reference in New Issue
Block a user