diff options
| author | Dmitry Ilvokhin <d@ilvokhin.com> | 2024-06-15 19:05:54 +0100 |
|---|---|---|
| committer | Dmitry Ilvokhin <d@ilvokhin.com> | 2024-06-15 19:05:54 +0100 |
| commit | a35d8e570b8bc0d1da4d9a2db17ca3aeaeaf5374 (patch) | |
| tree | 3593e4c34dd8c281e3e148e711d01363f76ea470 /roles/wgtor/templates/wgtor0.conf.j2 | |
| parent | 7665aac0967ea9f2d996d14b95fe406e3762795d (diff) | |
| download | infra-a35d8e570b8bc0d1da4d9a2db17ca3aeaeaf5374.tar.gz infra-a35d8e570b8bc0d1da4d9a2db17ca3aeaeaf5374.tar.bz2 infra-a35d8e570b8bc0d1da4d9a2db17ca3aeaeaf5374.zip | |
Rename wg2 interface to wgtor0
Diffstat (limited to 'roles/wgtor/templates/wgtor0.conf.j2')
| -rw-r--r-- | roles/wgtor/templates/wgtor0.conf.j2 | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/roles/wgtor/templates/wgtor0.conf.j2 b/roles/wgtor/templates/wgtor0.conf.j2 new file mode 100644 index 0000000..5d72891 --- /dev/null +++ b/roles/wgtor/templates/wgtor0.conf.j2 @@ -0,0 +1,22 @@ +[Interface] +PrivateKey = {{ wireguard_private_key }} +Address = 10.0.2.1/24 +ListenPort = 51822 + +# See for source of iptables rules. +# https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy + +PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353 +PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353 +PostUp = iptables -t nat -A PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040 +PostUp = iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040 + +PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353 +PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353 +PostDown = iptables -t nat -D PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040 +PostDown = iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040 + +# earth +[Peer] +PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU= +AllowedIPs = 10.0.2.2/32 |