docs: update cloud
parent
9eccd3372f
commit
d65e38b310
35
cloud.md
35
cloud.md
@ -2,7 +2,7 @@
|
||||
title: Cloud
|
||||
description:
|
||||
published: true
|
||||
date: 2019-12-07T17:14:58.135Z
|
||||
date: 2019-12-07T18:07:45.135Z
|
||||
tags:
|
||||
---
|
||||
|
||||
@ -28,6 +28,10 @@ Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Network Sec
|
||||
|
||||
Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Security Lists
|
||||
|
||||
### Allow Port in firewall
|
||||
|
||||
```sudo iptables -4 -I INPUT 6 -p udp --dport 54541 -m comment --comment "Wireguard listen port" -j ACCEPT```
|
||||
|
||||
### Wireguard Server
|
||||
|
||||
Tools
|
||||
@ -80,3 +84,32 @@ sudo wg-quick up wg0
|
||||
sudo systemctl enable wg-quick@wg0
|
||||
```
|
||||
|
||||
### Wireguard Client
|
||||
```
|
||||
sudo iptables -t mangle -I PREROUTING 1 -i br-vlanwgnl1 ! -d 172.57.0.0/16 -j MARK --set-mark 0x25
|
||||
sudo ip -4 link add dev wg1 type wireguard
|
||||
sudo ifconfig wg1 up
|
||||
sudo wg setconf wg1 /etc/wireguard/wg1.conf
|
||||
sudo ip -4 address add 10.50.0.2/32 dev wg1
|
||||
sudo ip -4 link set mtu 1420 up dev wg1
|
||||
sudo printf 'nameserver %s\n' '1.1.1.1' | sudo resolvconf -a wg1 -m 0 -x
|
||||
sudo sysctl -w net.ipv4.conf.all.rp_filter=2
|
||||
sudo ip -4 rule add from all fwmark 0x25 lookup 200
|
||||
sudo ip -4 route add default via 10.50.0.2 table 200
|
||||
sudo iptables -t nat -A POSTROUTING -o br-vlanwgnl1 -j MASQUERADE
|
||||
```
|
||||
|
||||
#### Tools
|
||||
```
|
||||
# Show mangle rules
|
||||
sudo iptables -L -v -t mangle
|
||||
|
||||
# Show iptables
|
||||
sudo iptables -L -v --line-numbers
|
||||
|
||||
# Show routing table
|
||||
sudo route -n
|
||||
|
||||
# Remove ip rule
|
||||
sudo ip rule del fwmark 0x25
|
||||
```
|
||||