https://bugs.koozali.org/show_bug.cgi?id=12288
Bug ID: 12288
Summary: MASQUERADE create unexpected result
Classification: Contribs
Product: SME Contribs
Version: 10.0
Hardware: ---
OS: ---
Status: CONFIRMED
Severity: normal
Priority: P3
Component: smeserver-wireguard
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Target Milestone: ---
enabling masquerad in POSTROUTING make other vpn like openvpn behave unexpected
:
client form remote network are shown as SME LAN IP, which in some case could
refuse the connexion when the remote ip is expected.
on the other hand after a full masq restart, the wireguard postup is removed
and client still are able to access the lan and internet when connected.
so
/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface:PostUp = iptables -I
FORWARD -i %i -j ACCEPT; iptables -I FORWARD -o %i -j ACCEPT; iptables -t nat
-A POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ?
$InternalInterface{Name} : $ExternalInterface{Name}; return
$InternalInterface{Name} } -j MASQUERADE
/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface:PostDown = iptables
-D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t
nat -D POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ?
$InternalInterface{Name} : $ExternalInterface{Name}; return
$InternalInterface{Name} } -j MASQUERADE
should be removed
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
