Breakertt Blog


Wireguard iptables rules for Oracle VPS

Breakertt's Avatar 2023-02-03 Linux

Oracle VPS instance has a set of quite strong initial iptables rules for the safety of server, therefore we need to open the access from these new interafaces and ports, and also, insert these rules to the top of chains.

You can use follow rules in /etc/wireguard/wg%i.conf

PostUp = iptables -I FORWARD 1 -i %i -o enp0s3 -j ACCEPT; iptables -I FORWARD 1 -i enp0s3 -o %i -j ACCEPT; iptables -I INPUT 1 -i enp0s3 -p udp --dport 51820 -j ACCEPT; iptables -I INPUT 1 -i %i -j ACCEPT; iptables -t nat -I POSTROUTING 1 -o enp0s3 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -o enp0s3 -j ACCEPT; iptables -D FORWARD -i enp0s3 -o wg0 -j ACCEPT; iptables -D INPUT -i enp0s3 -p udp --dport 51820 -i wg0 -j ACCEPT; iptables -D INPUT -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s3 -j MASQUERADE
本文最后更新于 天前,文中所描述的信息可能已发生改变