diff options
Diffstat (limited to 'etc/nftables.conf')
| -rw-r--r-- | etc/nftables.conf | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/nftables.conf b/etc/nftables.conf index be70bebb..5845c4c9 100644 --- a/etc/nftables.conf +++ b/etc/nftables.conf @@ -9,6 +9,7 @@ flush ruleset define pub_iface = "ens18" +define pub_iface6 = "ipv6net" define wg_iface = "wg0" table inet my_table { @@ -62,7 +63,9 @@ table inet nat { policy accept # Needed for VPN. Needed for port forwarding from cilent with VPN through server # https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet/#default-route - oifname $pub_iface masquerade + # xyzba uses 6in4 sit tunnel for ipv6. To use ipv6 when wg to xyzba, that network interface name ipv6net ($pub_iface6) also needs to be masqueraded + # https://wiki.archlinux.org/title/IPv6_tunnel_broker_setup + oifname { $pub_iface, $pub_iface6 } masquerade # needed for port forwarding from client without VPN through server # https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet/#masquerading #oifname $wg_iface masquerade |