DefGuard / defguard

Enterprise, fast, secure VPN & SSO platform with hardware keys, 2FA/MFA
https://defguard.net

Wireguard PostUp/PostDown config #586

Closed almulalic closed 3 months ago

almulalic commented 3 months ago

Is your feature request related to a problem? Please describe.

I have tried to look for this info but I couldn't find any, so I decided to post this here in the hope of getting more clarification or potentially filing a new request. I have been using wireguard for a year now and had no problems. I have managed to set up defguard and connect to a separate wireguard instance, but I noticed that the internet is not working. When I checked the defguard config file (or the visual representation from the form) and my config, I noticed that I had defined PostUp and PostDown properties that allow me to connect to the internet:

```ini
[Interface]
Address = 10.252.1.0/24
ListenPort = 51820
PrivateKey = No
MTU = 1500
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE
Table = auto
```

I can't find these settings anywhere, so I basically have to update apt, install iptables and run this command every time I recreate the container. I will add something in my Kubernetes deployment that will do this automatically, but it would still be good to keep these options (at least in some kind of advanced options). If I'm wrong and this is supported, sorry for wasting your time.

Describe the solution you'd like

Defined above.

Describe alternatives you've considered

Kubernetes/Docker postup script or something like that.

Additional context

Added above.

teon commented 3 months ago

@almulalic post/pre up/down are handled by the gateway, either in ENV variables or in its config. Here are the docs: https://defguard.gitbook.io/defguard/admin-and-features/setting-up-your-instance/configuration#gateway-configuration. Another type of approach is in our tutorial: http://bit.ly/defguard-setup
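Wherever the hooks end up being run, every firewall rule that PostUp adds should be deleted again by PostDown, otherwise forwarding and NAT rules outlive the tunnel. The following check is an added example, not code from this thread or from the defguard project: it parses a wg-quick style `[Interface]` section and reports rules that are added but never removed. The interface name `wg0`, the function names and the sample key placeholder are assumptions, and rules are compared textually after `%i` expansion.

```python
import shlex

# Constructed sample: the [Interface] hooks from the issue, with a placeholder key.
SAMPLE = """\
[Interface]
Address = 10.252.1.0/24
ListenPort = 51820
PrivateKey = <redacted>
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE
"""

def hook_commands(config_text, key, ifname):
    """Commands from every `key` line, split on ';' (a simplification), %i expanded."""
    cmds = []
    for line in config_text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip().lower() == key.lower():
            cmds += [c.strip().replace("%i", ifname) for c in value.split(";") if c.strip()]
    return cmds

def rule_key(cmd, actions):
    """Normalize an iptables command to (binary, table, rule spec).
    Returns None unless the command uses one of `actions` (-A/-I add, -D delete)."""
    argv = shlex.split(cmd)
    if not argv or argv[0] not in ("iptables", "ip6tables"):
        return None
    args, table = argv[1:], "filter"  # filter is the default table
    if "-t" in args[:-1]:
        t = args.index("-t")
        table = args[t + 1]
        del args[t:t + 2]
    if not args or args[0] not in actions:
        return None
    spec = args[1:]
    if args[0] == "-I" and len(spec) > 1 and spec[1].isdigit():
        del spec[1]  # drop the insert position, which -D does not take
    return (argv[0], table, tuple(spec))

def unmatched_rules(config_text, ifname="wg0"):
    """Rules PostUp adds that PostDown never deletes."""
    added = [rule_key(c, ("-A", "-I")) for c in hook_commands(config_text, "PostUp", ifname)]
    deleted = {rule_key(c, ("-D",)) for c in hook_commands(config_text, "PostDown", ifname)}
    return [r for r in added if r is not None and r not in deleted]

if __name__ == "__main__":
    print(unmatched_rules(SAMPLE))
```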