From bbce82500fdf256e322bcb79a2e4d20bacad38d8 Mon Sep 17 00:00:00 2001
From: sump pump <admin@example.com>
Date: Tue, 9 Jun 2020 16:26:25 +0000
Subject: [PATCH] Fix tinc up and down scripts

---
 tinc/tinc-down.tmpl | 4 ++++
 tinc/tinc-up.tmpl   | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)
 create mode 100644 tinc/tinc-down.tmpl

diff --git a/tinc/tinc-down.tmpl b/tinc/tinc-down.tmpl
new file mode 100644
index 0000000..684e7b2
--- /dev/null
+++ b/tinc/tinc-down.tmpl
@@ -0,0 +1,4 @@
+# Disable IPv4 kernel routing/forwarding for this network
+iptables -D FORWARD -o \$INTERFACE -d ${network_address}/${global_prefix:-16} -j ACCEPT
+{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}iptables -D FORWARD -o ${internal_interface:-eth0} -d {{.}} -j ACCEPT
+{{ end }}{{ end }}
diff --git a/tinc/tinc-up.tmpl b/tinc/tinc-up.tmpl
index 3e58208..69f5ead 100644
--- a/tinc/tinc-up.tmpl
+++ b/tinc/tinc-up.tmpl
@@ -2,6 +2,6 @@
 ifconfig \$INTERFACE ${tinc_peer_address} netmask ${netmask:-255.255.255.0}
 
 # Enable IPv4 kernel routing/forwarding for this network
-iptables -A FORWARD -o \$INTERFACE -d ${network_address}/${router_prefix:-24} -j ACCEPT
-{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}iptables -A FORWARD -o ${internal_interface} -d {{.}} -j ACCEPT
+iptables -A FORWARD -o \$INTERFACE -d ${network_address}/${global_prefix:-16} -j ACCEPT
+{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}iptables -A FORWARD -o ${internal_interface:-eth0} -d {{.}} -j ACCEPT
 {{ end }}{{ end }}