From 0f0f6e4c142ef4ca7243d864da2097040236213b Mon Sep 17 00:00:00 2001
From: Xiao Pan <gky44px1999@gmail.com>
Date: Fri, 1 Dec 2023 02:54:38 +0000
Subject: sysctl need net.ipv4.ip_forward=1 for wireguard masquerade? to work

---
 etc/sysctl.d/99-sysctl.conf | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'etc')

diff --git a/etc/sysctl.d/99-sysctl.conf b/etc/sysctl.d/99-sysctl.conf
index 4234b543..0f8abbfd 100644
--- a/etc/sysctl.d/99-sysctl.conf
+++ b/etc/sysctl.d/99-sysctl.conf
@@ -1 +1,6 @@
+# at least `net.ipv4.ip_forward = 1` is needed for wireguard masquerade? to work
+# ka seems has this as default, maybe arch linux cloud-init image has this as default?
+# https://forums.rockylinux.org/t/wireguard-masquerade-wont-work/7752
+# https://wiki.archlinux.org/title/Nftables#NAT_with_port_forwarding
 net.ipv4.ip_forward = 1
+net.ipv6.conf.all.forwarding = 1
-- 
cgit v1.2.3-70-g09d2