Open Prajwal-Koirala opened 1 year ago
# inet filter table: three base chains, each with policy accept, so a packet
# that matches no rule is still accepted.
table inet filter {
	chain INPUT {
		type filter hook input priority 0; policy accept;
		# Counts and accepts new UDP/53 from 10.0.0.0/8 ("ip saddr" matches
		# IPv4 only; TCP/53 is not matched). Under policy accept this rule
		# does not limit DNS to that range.
		# NOTE(review): restricting DNS to tunnel clients would need an explicit
		# drop rule or a drop policy with allowances for every service this
		# host must keep reachable - confirm intent before changing.
		ip saddr 10.0.0.0/8 udp dport 53 ct state new counter accept
	}

	chain FORWARD {
		type filter hook forward priority 0; policy accept;
		# Counts and accepts anything that arrived on wg0 and is being routed
		# onward; no destination, output interface or ct state narrows it.
		iifname "wg0" counter accept
	}

	chain OUTPUT {
		# No rules: locally generated traffic falls through to policy accept.
		type filter hook output priority 0; policy accept;
	}
}
# inet nat table: one base chain per NAT hook, all with policy accept.
# Only POSTROUTING carries a rule; the other three chains are declared empty.
table inet nat {
	chain PREROUTING {
		type nat hook prerouting priority -100; policy accept;
	}

	chain INPUT {
		type nat hook input priority 100; policy accept;
	}

	chain OUTPUT {
		type nat hook output priority -100; policy accept;
	}

	chain POSTROUTING {
		type nat hook postrouting priority 100; policy accept;
		# Counts and masquerades every packet leaving through eth0. There is no
		# source match, so this is not limited to traffic from the tunnel.
		# NOTE(review): if only tunnel clients should be NATed, a source or
		# input-interface match would be needed - confirm intent.
		oifname "eth0" counter masquerade
	}
}
# Listing of table inet filter with live packet/byte counters on the rules.
# It holds two sets of base chains on the same hooks at the same priority:
# lowercase input/forward/output (empty) and uppercase INPUT/FORWARD/OUTPUT.
# Chain names are case-sensitive, so these are six separate chains.
# NOTE(review): the lowercase set presumably comes from a pre-existing or
# default ruleset - confirm; as listed it adds nothing and can mislead a reader.
table inet filter {
# Empty base chain: every inbound packet falls through to policy accept.
chain input {
type filter hook input priority filter; policy accept;
}
# Empty base chain: every forwarded packet falls through to policy accept.
chain forward {
type filter hook forward priority filter; policy accept;
}
# Empty base chain: every outbound packet falls through to policy accept.
chain output {
type filter hook output priority filter; policy accept;
}
chain INPUT {
type filter hook input priority filter; policy accept;
# Counts and accepts new UDP/53 from 10.0.0.0/8 (IPv4 only, TCP/53 not matched).
# With policy accept on this chain, packets that miss this rule are accepted
# as well, so the rule measures DNS use but does not restrict it.
ip saddr 10.0.0.0/8 udp dport 53 ct state new counter packets 34 bytes 2292 accept
}
chain FORWARD {
type filter hook forward priority filter; policy accept;
# Counts and accepts everything that arrived on wg0 and is routed onward.
# Traffic in the other direction is not matched here and passes by policy.
iifname "wg0" counter packets 1358 bytes 149278 accept
}
# No rules: locally generated traffic is accepted by policy.
chain OUTPUT {
type filter hook output priority filter; policy accept;
}
}
# Listing of table inet nat with live counters. dstnat and srcnat are the
# named forms of priorities -100 and 100.
table inet nat {
# Empty: no destination NAT is configured.
chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept;
}
# Empty NAT chain on the input hook.
chain INPUT {
type nat hook input priority 100; policy accept;
}
# Empty NAT chain on the output hook.
chain OUTPUT {
type nat hook output priority -100; policy accept;
}
chain POSTROUTING {
type nat hook postrouting priority srcnat; policy accept;
# Counts and masquerades every packet leaving through eth0. The rule has no
# source or input-interface match, so it is not limited to tunnel traffic.
# NOTE(review): confirm whether NAT should apply only to the tunnel subnet.
oifname "eth0" counter packets 126 bytes 12925 masquerade
}
}
# Single table that carries both the filter rules and the NAT rule for wg0.
# An accept verdict here is not final across tables: other base chains on the
# same hook still evaluate the packet, and a drop in any of them wins.
table inet wireguard {
chain INPUT {
# policy accept: inbound packets that miss the rule below are accepted too,
# so the rule does not confine DNS to 10.0.0.0/8.
type filter hook input priority filter; policy accept;
# New UDP/53 from 10.0.0.0/8. "ip saddr" matches IPv4 only; TCP/53 is not matched.
# NOTE(review): limiting DNS to tunnel clients needs an explicit drop rule or
# a drop policy plus allowances for the services this host must keep
# reachable - confirm intent.
ip saddr 10.0.0.0/8 udp dport 53 ct state new accept
}
chain FORWARD {
type filter hook forward priority filter; policy accept;
# Accepts everything arriving on wg0 that is routed onward; destination and
# ct state are not checked. Redundant while the chain policy is accept.
iifname "wg0" accept
}
chain POSTROUTING {
type nat hook postrouting priority srcnat; policy accept;
# Masquerades all traffic leaving through eth0, whatever its source.
# NOTE(review): confirm whether this should match only the tunnel subnet.
oifname "eth0" masquerade
}
}
# Single table with input, forward and source-NAT rules keyed on interface
# names only. An accept verdict here is not final across tables: other base
# chains on the same hook still evaluate the packet, and a drop in any wins.
table inet wireguard {
chain INPUT {
type filter hook input priority filter; policy accept;
# Accepts every packet that arrives on wg0, for any protocol and port on this
# host. With policy accept, packets from other interfaces are accepted as well.
# NOTE(review): if tunnel clients should reach only specific local services,
# this rule is broader than needed - confirm intent.
iifname "wg0" accept
}
chain FORWARD {
type filter hook forward priority filter; policy accept;
# Accepts everything arriving on wg0 that is routed onward; destination and
# ct state are not checked. Redundant while the chain policy is accept.
iifname "wg0" accept
}
chain POSTROUTING {
type nat hook postrouting priority srcnat; policy accept;
# Masquerades all traffic leaving through eth0, whatever its source.
# NOTE(review): confirm whether this should match only the tunnel subnet.
oifname "eth0" masquerade
}
}
Rewrite netfilter rules.
I really need help with this.