Defined selector

This commit is contained in:
Héctor Molinero Fernández 2020-03-02 20:58:56 +01:00
parent 3c5f8fa713
commit 222aad9f8c

View File

@ -13,7 +13,7 @@ PostUp = grep -Fxq 1 /proc/sys/net/ipv4/ip_forward || printf 1 > /p
PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/all/forwarding || printf 1 > /proc/sys/net/ipv6/conf/all/forwarding PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/all/forwarding || printf 1 > /proc/sys/net/ipv6/conf/all/forwarding
PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/default/forwarding || printf 1 > /proc/sys/net/ipv6/conf/default/forwarding PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/default/forwarding || printf 1 > /proc/sys/net/ipv6/conf/default/forwarding
# Store the internet-facing interface in a file for later use # Store the internet-facing interface in a file for later use
PostUp = ip route show default | awk '/^default/{print $5}' > /etc/wireguard/default-iface PostUp = ip route show default 0.0.0.0/0 | awk '/^default/{print $5}' > /etc/wireguard/default-iface
# Allow access WireGuard via port 51820/UDP on the internet-facing interface # Allow access WireGuard via port 51820/UDP on the internet-facing interface
PostUp = iptables -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT PostUp = iptables -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT
PostUp = ip6tables -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT PostUp = ip6tables -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT