Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- > iptables-save; sysctl net 2> /dev/null | grep -e forward; wg show
- 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet 127.0.0.1/8 scope host lo
- valid_lft forever preferred_lft forever
- inet6 ::1/128 scope host
- valid_lft forever preferred_lft forever
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
- link/ether 5a:bf:76:c1:30:61 brd ff:ff:ff:ff:ff:ff
- inet xxxxxxxxxxxxx/20 brd xxxxxxxxx scope global eth0
- valid_lft forever preferred_lft forever
- inet 10.18.0.5/16 brd 10.18.255.255 scope global eth0
- valid_lft forever preferred_lft forever
- inet6 fe80::58bf:76ff:fec1:3061/64 scope link
- valid_lft forever preferred_lft forever
- 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
- link/ether 2a:d6:94:9f:65:00 brd ff:ff:ff:ff:ff:ff
- inet 10.110.0.2/20 brd 10.110.15.255 scope global eth1
- valid_lft forever preferred_lft forever
- inet6 fe80::28d6:94ff:fe9f:6500/64 scope link
- valid_lft forever preferred_lft forever
- 6: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
- link/none
- inet 10.8.0.1/24 scope global wg0
- valid_lft forever preferred_lft forever
- inet6 fd42:42:42::1/64 scope global
- valid_lft forever preferred_lft forever
- default via xxxxxxxxx dev eth0 proto static
- 10.8.0.0/24 dev wg0 proto kernel scope link src 10.8.0.1
- 10.18.0.0/16 dev eth0 proto kernel scope link src 10.18.0.5
- 10.110.0.0/20 dev eth1 proto kernel scope link src 10.110.0.2
- xxxxxxxxx.0/20 dev eth0 proto kernel scope link src xxxxxxxxx
- 192.168.10.0/24 dev wg0 scope link
- broadcast 10.8.0.0 dev wg0 table local proto kernel scope link src 10.8.0.1
- local 10.8.0.1 dev wg0 table local proto kernel scope host src 10.8.0.1
- broadcast 10.8.0.255 dev wg0 table local proto kernel scope link src 10.8.0.1
- broadcast 10.18.0.0 dev eth0 table local proto kernel scope link src 10.18.0.5
- local 10.18.0.5 dev eth0 table local proto kernel scope host src 10.18.0.5
- broadcast 10.18.255.255 dev eth0 table local proto kernel scope link src 10.18.0.5
- broadcast 10.110.0.0 dev eth1 table local proto kernel scope link src 10.110.0.2
- local 10.110.0.2 dev eth1 table local proto kernel scope host src 10.110.0.2
- broadcast 10.110.15.255 dev eth1 table local proto kernel scope link src 10.110.0.2
- broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
- local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
- local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
- broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
- broadcast xxxxxxxxx.0 dev eth0 table local proto kernel scope link src xxxxxxxx
- local xxxxxxxxxxx dev eth0 table local proto kernel scope host src xxxxxxxxxx
- broadcast xxxxxxxxxxx dev eth0 table local proto kernel scope link src xxxxxxxxxx
- ::1 dev lo proto kernel metric 256 pref medium
- fd42:42:42::/64 dev wg0 proto kernel metric 256 pref medium
- fe80::/64 dev eth1 proto kernel metric 256 pref medium
- fe80::/64 dev eth0 proto kernel metric 256 pref medium
- local ::1 dev lo table local proto kernel metric 0 pref medium
- anycast fd42:42:42:: dev wg0 table local proto kernel metric 0 pref medium
- local fd42:42:42::1 dev wg0 table local proto kernel metric 0 pref medium
- anycast fe80:: dev eth0 table local proto kernel metric 0 pref medium
- anycast fe80:: dev eth1 table local proto kernel metric 0 pref medium
- local fe80::28d6:94ff:fe9f:6500 dev eth1 table local proto kernel metric 0 pref medium
- local fe80::58bf:76ff:fec1:3061 dev eth0 table local proto kernel metric 0 pref medium
- ff00::/8 dev eth1 table local metric 256 pref medium
- ff00::/8 dev eth0 table local metric 256 pref medium
- ff00::/8 dev wg0 table local metric 256 pref medium
- 0: from all lookup local
- 32766: from all lookup main
- 32767: from all lookup default
- # Generated by iptables-save v1.8.4 on Sat Jan 30 11:24:19 2021
- *nat
- :PREROUTING ACCEPT [69403:6395231]
- :INPUT ACCEPT [33342:2826062]
- :OUTPUT ACCEPT [3435:255772]
- :POSTROUTING ACCEPT [29:2070]
- -A POSTROUTING -o eth0 -j MASQUERADE
- COMMIT
- # Completed on Sat Jan 30 11:24:19 2021
- # Generated by iptables-save v1.8.4 on Sat Jan 30 11:24:19 2021
- *filter
- :INPUT ACCEPT [1233390:182965055]
- :FORWARD ACCEPT [1337459:8131751230]
- :OUTPUT ACCEPT [6230903:8740707940]
- -A INPUT -s 10.8.0.0/24 -p udp -m udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
- -A FORWARD -i wg0 -j ACCEPT
- COMMIT
- # Completed on Sat Jan 30 11:24:19 2021
- net.ipv4.conf.all.bc_forwarding = 0
- net.ipv4.conf.all.forwarding = 1
- net.ipv4.conf.all.mc_forwarding = 0
- net.ipv4.conf.default.bc_forwarding = 0
- net.ipv4.conf.default.forwarding = 1
- net.ipv4.conf.default.mc_forwarding = 0
- net.ipv4.conf.eth0.bc_forwarding = 0
- net.ipv4.conf.eth0.forwarding = 1
- net.ipv4.conf.eth0.mc_forwarding = 0
- net.ipv4.conf.eth1.bc_forwarding = 0
- net.ipv4.conf.eth1.forwarding = 1
- net.ipv4.conf.eth1.mc_forwarding = 0
- net.ipv4.conf.lo.bc_forwarding = 0
- net.ipv4.conf.lo.forwarding = 1
- net.ipv4.conf.lo.mc_forwarding = 0
- net.ipv4.conf.wg0.bc_forwarding = 0
- net.ipv4.conf.wg0.forwarding = 1
- net.ipv4.conf.wg0.mc_forwarding = 0
- net.ipv4.ip_forward = 1
- net.ipv4.ip_forward_update_priority = 1
- net.ipv4.ip_forward_use_pmtu = 0
- net.ipv6.conf.all.forwarding = 1
- net.ipv6.conf.all.mc_forwarding = 0
- net.ipv6.conf.default.forwarding = 1
- net.ipv6.conf.default.mc_forwarding = 0
- net.ipv6.conf.eth0.forwarding = 1
- net.ipv6.conf.eth0.mc_forwarding = 0
- net.ipv6.conf.eth1.forwarding = 1
- net.ipv6.conf.eth1.mc_forwarding = 0
- net.ipv6.conf.lo.forwarding = 1
- net.ipv6.conf.lo.mc_forwarding = 0
- net.ipv6.conf.wg0.forwarding = 1
- net.ipv6.conf.wg0.mc_forwarding = 0
- interface: wg0
- public key: xxxxxxxxxxxxx
- listening port: 51820
- peer: xxxxxxxxxxx
- preshared key: (hidden)
- endpoint: xxxxxxxxxx:52360
- allowed ips: 10.8.0.5/32, fd42:42:42::5/128
- latest handshake: 1 minute, 38 seconds ago
- transfer: 124.45 MiB received, 7.95 GiB sent
- peer: xxxxxxxxxxxx
- preshared key: (hidden)
- endpoint: xxxxxxxxxxx:11883
- allowed ips: 10.8.0.4/32, fd42:42:42::4/128
- latest handshake: 3 hours, 35 minutes, 5 seconds ago
- transfer: 539.91 KiB received, 1.54 MiB sent
- peer: xxxxxxxxx
- preshared key: (hidden)
- allowed ips: 10.8.0.6/32, fd42:42:42::6/128, 192.168.10.0/24
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
