Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- -A FORWARD -s 10.10.10.0/24 -m policy --dir in --pol ipsec --proto esp -m comment --comment "VPN forwarding" -j ACCEPT
- -A FORWARD -d 10.10.10.0/24 -m policy --dir out --pol ipsec --proto esp -m comment --comment "VPN forwarding" -j ACCEPT
- ...
- *nat
- :POSTROUTING ACCEPT [0:0]
- -A POSTROUTING -s 10.10.10.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT
- -A POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE
- ...
- *mangle
- :POSTROUTING ACCEPT [30:1812]
- -A FORWARD -s 10.10.10.0/24 -o eth0 -p tcp -m policy --dir in --pol ipsec -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 -j TCPMSS --set-mss 1360
- -A FORWARD -s 10.10.10.0/24 -o eth0 -p tcp -m policy --dir in --pol ipsec -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 -j TCPMSS --set-mss 1360
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement