SHARE
TWEET

Untitled

a guest Sep 22nd, 2019 27 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # sysctl -a |grep 'forwarding = 1'
  2. net.ipv4.conf.ens3.forwarding = 1
  3. net.ipv4.conf.tun-ivn.forwarding = 1
  4. net.ipv4.conf.wg-ivn.forwarding = 1
  5.  
  6. # iptables-save
  7. *nat
  8. :PREROUTING ACCEPT [113088:6708414]
  9. :INPUT ACCEPT [103613:5878807]
  10. :OUTPUT ACCEPT [364:21872]
  11. :POSTROUTING ACCEPT [364:21872]
  12. -A PREROUTING -i tun-ivn -j MARK --set-xmark 0x7b/0xffffffff
  13. -A PREROUTING -i wg-ivn -j MARK --set-xmark 0x7b/0xffffffff
  14. -A POSTROUTING -o ens3 -m mark --mark 0x7b -j MASQUERADE
  15. COMMIT
  16. *filter
  17. :INPUT ACCEPT [178114:14065613]
  18. :FORWARD ACCEPT [0:0]
  19. :OUTPUT ACCEPT [175869:18034452]
  20. -A FORWARD -i tun-ivn -o ens3 -j ACCEPT
  21. -A FORWARD -i wg-ivn -o ens3 -j ACCEPT
  22. -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
  23. -A FORWARD -j DROP
  24. COMMIT
  25.  
  26. # tcpdump -ni wg-ivn
  27. tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  28. listening on wg-ivn, link-type RAW (Raw IP), capture size 262144 bytes
  29. 10:23:18.458643 IP 10.254.221.8 > 163.172.74.46: ICMP echo request, id 19, seq 674, length 64
  30. 10:23:19.472094 IP 10.254.221.8 > 163.172.74.46: ICMP echo request, id 19, seq 675, length 64
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top