sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add wireguard configuration

Browse source
This commit is contained in:
sonny 2021-12-28 11:27:12 +01:00
parent ce46689f57
commit a043bae576
16 changed files with 155 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

14
templates/nftables.j2
View file

@ -19,14 +19,14 @@ table ip filter {
# allow icmp
ip protocol icmp accept
iifname 'br0' tcp dport {{ ssh_port }} accept comment 'SSH'
iifname 'br0' tcp dport { {{ http_port }}, {{ https_port }} } accept comment 'HTTP/HTTPS'
iifname "br0" tcp dport {{ ssh_port }} accept comment "SSH"
iifname "br0" tcp dport { {{ http_port }}, {{ https_port }} } accept comment "HTTP/HTTPS"
iifname 'br0' tcp dport {{ vpn_port }} accept comment 'Wireguard'
iifname "br0" tcp dport {{ vpn_port }} accept comment "Wireguard"
iifname '{{ vpn_interface }}' tcp dport { {{ http_port }}, {{ https_port }} } ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment 'HTTP/HTTPS'
iifname '{{ vpn_interface }}' tcp dport {{ transmission_port }} ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment 'Transmission'
iifname '{{ vpn_interface }}' tcp dport { {{ syncthing_gui_port }}, {{ syncthing_protocol_port }} } ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment 'Syncthing'
iifname '{{ vpn_interface }}' tcp dport {{ mpd_port }} ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment 'MPD'
iifname "{{ vpn_interface }}" tcp dport { {{ http_port }}, {{ https_port }} } ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "HTTP/HTTPS"
iifname "{{ vpn_interface }}" tcp dport {{ transmission_port }} ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "Transmission"
iifname "{{ vpn_interface }}" tcp dport { {{ syncthing_gui_port }}, {{ syncthing_protocol_port }} } ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "Syncthing"
iifname "{{ vpn_interface }}" tcp dport {{ mpd_port }} ip saddr {{ vpn_source_range }} ip daddr {{ vpn_destination_range }} accept comment "MPD"
}
}