docs: update cloud

cloud.md

@@ -2,7 +2,7 @@
 title: Cloud
 description: 
 published: true
-date: 2019-12-07T17:14:58.135Z
+date: 2019-12-07T18:07:45.135Z
 tags: 
 ---
 
@@ -28,6 +28,10 @@ Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Network Sec
 
 Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Security Lists
 
+### Allow Port in firewall
+
+```sudo iptables -4 -I INPUT 6 -p udp --dport 54541 -m comment --comment "Wireguard listen port" -j ACCEPT```
+
 ### Wireguard Server
 
 Tools
@@ -80,3 +84,32 @@ sudo wg-quick up wg0
 sudo systemctl enable wg-quick@wg0
 ```
 
+### Wireguard Client
+```
+sudo iptables -t mangle -I PREROUTING 1 -i br-vlanwgnl1 ! -d 172.57.0.0/16 -j MARK --set-mark 0x25
+sudo ip -4 link add dev wg1 type wireguard
+sudo ifconfig wg1 up
+sudo wg setconf wg1 /etc/wireguard/wg1.conf
+sudo ip -4 address add 10.50.0.2/32 dev wg1
+sudo ip -4 link set mtu 1420 up dev wg1
+sudo printf 'nameserver %s\n' '1.1.1.1' | sudo resolvconf -a wg1 -m 0 -x
+sudo sysctl -w net.ipv4.conf.all.rp_filter=2
+sudo ip -4 rule add from all fwmark 0x25 lookup 200
+sudo ip -4 route add default via 10.50.0.2 table 200
+sudo iptables -t nat -A POSTROUTING -o br-vlanwgnl1 -j MASQUERADE
+```
+
+#### Tools
+```
+# Show mangle rules
+sudo iptables -L -v -t mangle
+
+# Show iptables
+sudo iptables -L -v --line-numbers
+
+# Show routing table
+sudo route -n
+
+# Remove ip rule
+sudo ip rule del fwmark 0x25
+```