We have a bastion host at work which is like several others we have. It has OpenVPN and OpenSSH which we’re allowed to access. The machine acts as a gateway to access several other private subnets. It uses an iptables rule like this iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -i ens3 -j MASQUERADE Last night we setup a new host with WireGuard using systemd-networkd v241 and wanted to setup these masquerade rules, but we couldn’t actually figure out how to do them. We stumbled across RouteRulePolicy, but I have a feeling is we don’t really understand how to do what we did in iptables in iproute2 so we kept banging our heads and eventually I gave up and simply ran the iptables commands myself and it worked, but I’d like to actually do this correctly inside systemd networkd. Is there anything someone can do to shed some light here or someone who has done this already? _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
How to replace iptables nat rule in systemd networkd
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: How to replace iptables nat rule in systemd networkd
- From: cmp <me@xxxxxx>
- Date: Thu, 14 Mar 2019 09:58:19 -0400
- Follow-Ups:
- Re: How to replace iptables nat rule in systemd networkd
- From: Mantas Mikulėnas
- Re: How to replace iptables nat rule in systemd networkd
- Prev by Date: Re: unit been dead before been running
- Next by Date: Re: How to replace iptables nat rule in systemd networkd
- Previous by thread: Re: [PATCH weston] doc/systemd: system service example
- Next by thread: Re: How to replace iptables nat rule in systemd networkd
- Index(es):
 |