19 lines
584 B
Plaintext
19 lines
584 B
Plaintext
table filter {
|
|
set http_ratelimit { type ipv4_addr; timeout 1s; flags dynamic; }
|
|
chain input { type filter hook input priority 0;policy drop;}
|
|
chain forward { type filter hook forward priority 0;
|
|
iifname wg0 accept;
|
|
iifname enp11s0 accept;
|
|
ct status dnat accept;
|
|
}
|
|
chain output { type filter hook output priority 0; }
|
|
}
|
|
|
|
table nat {
|
|
chain prerouting { type nat hook prerouting priority -100; policy accept;}
|
|
chain postrouting { type nat hook postrouting priority 100;
|
|
iifname wg0 oifname enp11s0 masquerade;
|
|
iifname enp11s0 oifname wg0 masquerade;
|
|
}
|
|
}
|