Commit bb42271 1 parent 39caf2f commit bb42271 Copy full SHA for bb42271
File tree 1 file changed +5
-1
lines changed
1 file changed +5
-1
lines changed Original file line number Diff line number Diff line change @@ -237,7 +237,11 @@ PrivateKey = ${SERVER_PRIV_KEY}" >"/etc/wireguard/${SERVER_WG_NIC}.conf"
237237 FIREWALLD_IPV4 _ADDRESS=$(echo "${SERVER_WG_IPV4} " | cut - d"." - f1 - 3 )".0 "
238238 FIREWALLD_IPV6 _ADDRESS=$(echo "${SERVER_WG_IPV6} " | sed 's/: [^: ]* $/: 0 / ')
239239 echo "PostUp = firewall-cmd --add-port ${SERVER_PORT} / udp && firewall- cmd -- add- rich- rule= 'rule family= ipv4 source address= ${FIREWALLD_IPV4_ADDRESS} / 24 masquerade' && firewall- cmd -- add- rich- rule= 'rule family= ipv6 source address= ${FIREWALLD_IPV6_ADDRESS} / 24 masquerade'
240- PostDown = firewall-cmd --remove-port ${SERVER_PORT} / udp && firewall- cmd -- remove- rich- rule= 'rule family= ipv4 source address= ${FIREWALLD_IPV4_ADDRESS} / 24 masquerade' && firewall- cmd -- remove- rich- rule= 'rule family= ipv6 source address= ${FIREWALLD_IPV6_ADDRESS} / 24 masquerade'" >> "/ etc/ wireguard/ ${SERVER_WG_NIC} .conf"
240+ PostUp = firewall-cmd --direct --add-rule ipv4 filter FORWARD 1 -i ${SERVER_WG_NIC} - j ACCEPT && firewall- cmd -- direct -- add- rule ipv4 filter FORWARD 1 - o ${SERVER_WG_NIC} - j ACCEPT
241+ PostUp = firewall-cmd --direct --add-rule ipv6 filter FORWARD 1 -i ${SERVER_WG_NIC} - j ACCEPT && firewall- cmd -- direct -- add- rule ipv6 filter FORWARD 1 - o ${SERVER_WG_NIC} - j ACCEPT
242+ PostDown = firewall-cmd --remove-port ${SERVER_PORT} / udp && firewall- cmd -- remove- rich- rule= 'rule family= ipv4 source address= ${FIREWALLD_IPV4_ADDRESS} / 24 masquerade' && firewall- cmd -- remove- rich- rule= 'rule family= ipv6 source address= ${FIREWALLD_IPV6_ADDRESS} / 24 masquerade'
243+ PostDown = firewall-cmd --direct --remove-rule ipv4 filter FORWARD 1 -i ${SERVER_WG_NIC} - j ACCEPT && firewall- cmd -- direct -- remove- rule ipv4 filter FORWARD 1 - o ${SERVER_WG_NIC} - j ACCEPT
244+ PostDown = firewall-cmd --direct --remove-rule ipv6 filter FORWARD 1 -i ${SERVER_WG_NIC} - j ACCEPT && firewall- cmd -- direct -- remove- rule ipv6 filter FORWARD 1 - o ${SERVER_WG_NIC} - j ACCEPT" >> "/ etc/ wireguard/ ${SERVER_WG_NIC} .conf "
241245 else
242246 echo "PostUp = iptables -I INPUT -p udp --dport ${SERVER_PORT} - j ACCEPT
243247PostUp = iptables -I FORWARD -i ${SERVER_PUB_NIC} - o ${SERVER_WG_NIC} - j ACCEPT
You can’t perform that action at this time.
0 commit comments