From 6cf51ce232dc7975ffea8bc10994ad3c827289c6 Mon Sep 17 00:00:00 2001
From: Xiao Pan
Date: Fri, 28 Jun 2024 00:38:53 +0000
Subject: New wg and swgp config for route all traffic to ca Change swgp port to avoid server client same port error. New wg default route all traffic to ca with wg_ca. Only accept direct connect from insp when wg0 is enabled.
---
 etc/nftables.conf | 2 +-
 etc/services | 1 +
 etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service | 1 -
 etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service | 1 +
 4 files changed, 3 insertions(+), 2 deletions(-)
 delete mode 120000 etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service
 create mode 120000 etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service
(limited to 'etc')
diff --git a/etc/nftables.conf b/etc/nftables.conf
index 5adbf28a..5c668feb 100644
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -29,7 +29,7 @@ table inet my_table {
 #udp dport qbt accept
 #tcp dport iperf3 accept
 #udp dport wireguard accept
- udp dport swgp accept
+ udp dport swgp-aa-server accept
 pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
 counter comment "count any other traffic"
diff --git a/etc/services b/etc/services
index 91a89df2..a248bb3d 100644
--- a/etc/services
+++ b/etc/services
@@ -11514,3 +11514,4 @@ wireguard 49432/udp
 ssh-isp 49812/tcp
 iperf3 53497/tcp
 swgp 54635/udp
+swgp-aa-server 54636/udp
diff --git a/etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service b/etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service
deleted file mode 120000
index 0a92cb9a..00000000
--- a/etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service
+++ /dev/null
@@ -1 +0,0 @@
-/usr/lib/systemd/system/wg-quick@.service
\ No newline at end of file
diff --git a/etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service b/etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service
new file mode 120000
index 00000000..0a92cb9a
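Review bot: The new `udp dport swgp-aa-server accept` rule in etc/nftables.conf admits the proxy port from every source address, in both address families of the `inet` table. If the swgp peer has a stable address, the rule could be scoped to it, for example `ip saddr <PEER_ADDR> udp dport swgp-aa-server accept` (placeholder address); if the port must stay open to all sources, a trailing `comment "swgp server side, open by design"` would record that intent. The service name resolves only through the `swgp-aa-server 54636/udp` entry this commit adds to etc/services, so the two files have to be deployed together or loading the ruleset will fail on an unknown service. The chain that holds this rule begins and ends outside the hunk, so its policy and any earlier drop rules are not visible here.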
--- /dev/null
+++ b/etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service
@@ -0,0 +1 @@
+/usr/lib/systemd/system/wg-quick@.service
\ No newline at end of file
--
cgit v1.2.3-70-g09d2
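Review bot: Enabling `wg-quick@wg_ca` at boot in place of `wg-quick@wg0` makes the full tunnel the default path according to the commit message, but nothing in this diff shows what happens to outbound traffic when the interface is down or fails to start. If cleartext egress over the physical interface is not acceptable, the output side of etc/nftables.conf (not visible here) would need a rule that limits egress to the tunnel interface and the swgp endpoint. It is also worth confirming that any interface-name matches written for `wg0` elsewhere in the ruleset still apply now that the active interface is `wg_ca`.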