Guest User

Untitled

a guest
Sep 22nd, 2019
48
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # sysctl -a |grep 'forwarding = 1'
  2. net.ipv4.conf.ens3.forwarding = 1
  3. net.ipv4.conf.tun-ivn.forwarding = 1
  4. net.ipv4.conf.wg-ivn.forwarding = 1
  5.  
  6. # iptables-save
  7. *nat
  8. :PREROUTING ACCEPT [113088:6708414]
  9. :INPUT ACCEPT [103613:5878807]
  10. :OUTPUT ACCEPT [364:21872]
  11. :POSTROUTING ACCEPT [364:21872]
  12. -A PREROUTING -i tun-ivn -j MARK --set-xmark 0x7b/0xffffffff
  13. -A PREROUTING -i wg-ivn -j MARK --set-xmark 0x7b/0xffffffff
  14. -A POSTROUTING -o ens3 -m mark --mark 0x7b -j MASQUERADE
  15. COMMIT
  16. *filter
  17. :INPUT ACCEPT [178114:14065613]
  18. :FORWARD ACCEPT [0:0]
  19. :OUTPUT ACCEPT [175869:18034452]
  20. -A FORWARD -i tun-ivn -o ens3 -j ACCEPT
  21. -A FORWARD -i wg-ivn -o ens3 -j ACCEPT
  22. -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
  23. -A FORWARD -j DROP
  24. COMMIT
  25.  
  26. # tcpdump -ni wg-ivn
  27. tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  28. listening on wg-ivn, link-type RAW (Raw IP), capture size 262144 bytes
  29. 10:23:18.458643 IP 10.254.221.8 > 163.172.74.46: ICMP echo request, id 19, seq 674, length 64
  30. 10:23:19.472094 IP 10.254.221.8 > 163.172.74.46: ICMP echo request, id 19, seq 675, length 64
RAW Paste Data