wg-mail-tunnel/server/wg0.conf

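[Interface]
# wg-quick configuration for the public end of the tunnel: inbound mail and
# web ports arriving on eth0 are DNATed to the tunnel client 10.99.97.4.
# This file contains the private key. Keep it owned by root and unreadable by
# other users (for example mode 600); wg-quick warns when it is world accessible.
# Edit the PostUp/PostDown lines only while the interface is down: PostDown
# deletes rules by exact match, so rules added by an older PostUp would
# otherwise be left in place.
# Replace with the server's private key
PrivateKey = SERVER_PRIVATE_KEY
# VPN interface IP address
Address = 10.99.97.1/24
# Listening port
ListenPort = 51820
# Enable IPv4 forwarding. This is host-wide and is not reverted by PostDown.
PostUp = echo 1 > /proc/sys/net/ipv4/ip_forward
# Tunnel -> internet: the client may open any outbound connection.
PostUp = iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT
# Internet -> tunnel: replies to connections the client opened.
PostUp = iptables -A FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Disabled alternative using the conntrack match and wg-quick's %i placeholder.
#PostUp = iptables -A FORWARD -o %i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Internet -> tunnel: new connections, limited to the ports DNATed below.
# Without this rule the port forwards only work when the FORWARD policy is
# ACCEPT; with a DROP policy the first packet of every forwarded connection
# is discarded. Keep this port list identical to the DNAT rules.
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp -d 10.99.97.4 -m multiport --dports 25,80,110,143,443,465,587,993,995,4190 -m state --state NEW -j ACCEPT
# Masquerade only traffic that originates in the tunnel subnet, not
# everything that happens to leave through eth0.
PostUp = iptables -t nat -A POSTROUTING -s 10.99.97.0/24 -o eth0 -j MASQUERADE
# Port forwarding for specific services to the client (10.99.97.4).
# Every port listed here is reachable from the internet on this host's
# address. The forwards do not rewrite the source address, so the client sees
# the real remote IP and has to send its replies back through the tunnel
# (confirm the routing in the client-side config).
# 110 (POP3) and 143 (IMAP) are the non-TLS ports: make sure the mail server
# requires STARTTLS before authentication, or drop these two forwards.
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.99.97.4:25
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.99.97.4:80
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.99.97.4:443
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to-destination 10.99.97.4:110
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 143 -j DNAT --to-destination 10.99.97.4:143
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to-destination 10.99.97.4:465
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 587 -j DNAT --to-destination 10.99.97.4:587
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to-destination 10.99.97.4:993
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 995 -j DNAT --to-destination 10.99.97.4:995
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 4190 -j DNAT --to-destination 10.99.97.4:4190
# Clean up rules on shutdown. Each -D must match its -A above exactly.
PostDown = iptables -D FORWARD -i wg0 -o eth0 -j ACCEPT
PostDown = iptables -D FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p tcp -d 10.99.97.4 -m multiport --dports 25,80,110,143,443,465,587,993,995,4190 -m state --state NEW -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -s 10.99.97.0/24 -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.99.97.4:25
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.99.97.4:80
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.99.97.4:443
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to-destination 10.99.97.4:110
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 143 -j DNAT --to-destination 10.99.97.4:143
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to-destination 10.99.97.4:465
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 587 -j DNAT --to-destination 10.99.97.4:587
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to-destination 10.99.97.4:993
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 995 -j DNAT --to-destination 10.99.97.4:995
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 4190 -j DNAT --to-destination 10.99.97.4:4190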
[Peer]
# Client's public key (the tunnel endpoint that receives the forwarded ports).
PublicKey = CLIENT_PUBLIC_KEY
# Allowed IPs for the client: only 10.99.97.4 is accepted as a source address
# from this peer and routed to it. It must stay equal to the DNAT
# --to-destination address used in [Interface].
# No Endpoint is set for this peer, so the client has to start the handshake
# and keep the session alive for inbound forwards to reach it (presumably via
# PersistentKeepalive on the client side; confirm in the client config).
AllowedIPs = 10.99.97.4/32