
История изменений

Исправление le_ (текущая версия):

# iptables -S -t nat
# NOTE(review): nat table of the gateway. All four chain policies are ACCEPT;
#   packet filtering is left to the filter table listed further down.
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
# NOTE(review): port forward -- TCP to 89.25.107.134:24123 is rewritten to
#   192.168.1.15:24123. After DNAT the packet is no longer addressed to this
#   host, so it is judged by the FORWARD chain, not by INPUT. The ifconfig
#   output on this page shows no 192.168.1.0/24 interface, so the path to
#   192.168.1.15 (presumably through wg0) is not visible here -- confirm
#   against the routing table.
-A PREROUTING -d 89.25.107.134/32 -p tcp -m tcp --dport 24123 -j DNAT --to-destination 192.168.1.15:24123
# NOTE(review): this SNAT matches the SOURCE port 24123 of packets going TO
#   192.168.1.15. A forwarded client connection carries 24123 as its
#   destination port and an ephemeral source port, so the rule probably never
#   matches the DNAT'ed flow; --dport 24123 looks like what was intended --
#   confirm with the counters (iptables -t nat -L POSTROUTING -v -n).
-A POSTROUTING -d 192.168.1.15/32 -p tcp -m tcp --sport 24123 -j SNAT --to-source 89.25.107.134:24123
# Everything that leaves through eth0 is masqueraded to eth0's address.
-A POSTROUTING -o eth0 -j MASQUERADE

# iptables -S
# NOTE(review): filter table. INPUT and FORWARD default to DROP, so only the
#   rules below let traffic in or through; OUTPUT is unrestricted.
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# NOTE(review): every ICMP type is accepted on every interface, with no rate limit.
-A INPUT -p icmp -j ACCEPT
# NOTE(review): presumably the WireGuard listen port (wg0 is the only tunnel
#   interface shown) -- confirm against the wg0 configuration.
-A INPUT -i eth0 -p udp -m udp --dport 993 -j ACCEPT
# SSH to the gateway itself is accepted only when it arrives on wg0.
-A INPUT -i wg0 -p tcp -m tcp --dport 22 -j ACCEPT
# NOTE(review): connections to 89.25.107.134:24123 are DNAT'ed in PREROUTING
#   and then traverse FORWARD, so this INPUT rule does not govern the
#   forwarded service.
-A INPUT -i eth0 -p tcp -m tcp --dport 24123 -j ACCEPT
# The next three rules express a narrow policy: only NEW TCP connections to
# port 22000 may go from eth0 into the tunnel, plus reply traffic both ways.
-A FORWARD -i eth0 -o wg0 -p tcp -m tcp --dport 22000 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i eth0 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wg0 -o eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# NOTE(review): these two rules accept anything entering or leaving via wg0,
#   in any state and on any port. They make the three rules above redundant:
#   any packet the host routes out of wg0 is accepted, including NEW
#   connections that arrived on eth0, so the port-22000 restriction is not
#   enforced. No FORWARD rule names 192.168.1.15 or port 24123; the DNAT'ed
#   flow passes only if it is routed out through wg0 (it then matches
#   "-o wg0"), otherwise the DROP policy discards it. If the narrow policy is
#   the intent, tighten or remove these two rules.
-A FORWARD -i wg0 -j ACCEPT
-A FORWARD -o wg0 -j ACCEPT


# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 89.25.107.134  netmask 255.255.255.0  broadcast 89.25.107.255
        ether bc:24:11:5e:0b:6f  txqueuelen 1000  (Ethernet)
        RX packets 27675  bytes 3392624 (3.2 MiB)
        RX errors 0  dropped 129  overruns 0  frame 0
        TX packets 5755  bytes 1939943 (1.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1420
        inet 10.0.1.1  netmask 255.255.255.0  destination 10.0.1.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 1000  (UNSPEC)
        RX packets 3122  bytes 1096472 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3124  bytes 1145924 (1.0 MiB)
        TX errors 5  dropped 0 overruns 0  carrier 0  collisions 0

Исходная версия le_:

# iptables -S -t nat
# NOTE(review): nat table; chain policies are all ACCEPT, filtering happens in
#   the filter table listed after it.
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
# NOTE(review): DNAT of TCP 89.25.107.134:24123 to 192.168.1.15:24123. The
#   rewritten packet is forwarded, so the FORWARD chain decides its fate,
#   not INPUT.
-A PREROUTING -d 89.25.107.134/32 -p tcp -m tcp --dport 24123 -j DNAT --to-destination 192.168.1.15:24123
# NOTE(review): matches on --sport 24123 for packets destined to 192.168.1.15;
#   client traffic towards the service has 24123 as destination port, so
#   --dport was probably meant -- verify with the rule's packet counters.
-A POSTROUTING -d 192.168.1.15/32 -p tcp -m tcp --sport 24123 -j SNAT --to-source 89.25.107.134:24123
# Masquerade all traffic leaving via eth0.
-A POSTROUTING -o eth0 -j MASQUERADE

# iptables -S
# NOTE(review): filter table with default DROP on INPUT and FORWARD.
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# NOTE(review): all ICMP types accepted on all interfaces, no rate limit.
-A INPUT -p icmp -j ACCEPT
# NOTE(review): presumably the WireGuard listen port -- confirm.
-A INPUT -i eth0 -p udp -m udp --dport 993 -j ACCEPT
# SSH to this host is reachable only over wg0.
-A INPUT -i wg0 -p tcp -m tcp --dport 22 -j ACCEPT
# NOTE(review): has no effect on the DNAT'ed service traffic, which goes
#   through FORWARD rather than INPUT.
-A INPUT -i eth0 -p tcp -m tcp --dport 24123 -j ACCEPT
# Narrow, stateful forwarding rules: NEW only to TCP 22000 from eth0 to wg0,
# replies in both directions.
-A FORWARD -i eth0 -o wg0 -p tcp -m tcp --dport 22000 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i eth0 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wg0 -o eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# NOTE(review): blanket accepts for anything in or out of wg0; they override
#   the narrow rules above (any port, any state). Nothing in FORWARD mentions
#   192.168.1.15 or port 24123, so the DNAT'ed flow is forwarded only when it
#   is routed out of wg0 and is otherwise dropped by policy.
-A FORWARD -i wg0 -j ACCEPT
-A FORWARD -o wg0 -j ACCEPT


# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 89.25.107.134  netmask 255.255.255.0  broadcast 89.23.106.255
        ether bc:24:11:5e:0b:6f  txqueuelen 1000  (Ethernet)
        RX packets 27675  bytes 3392624 (3.2 MiB)
        RX errors 0  dropped 129  overruns 0  frame 0
        TX packets 5755  bytes 1939943 (1.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1420
        inet 10.0.1.1  netmask 255.255.255.0  destination 10.0.0.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 1000  (UNSPEC)
        RX packets 3122  bytes 1096472 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3124  bytes 1145924 (1.0 MiB)
        TX errors 5  dropped 0 overruns 0  carrier 0  collisions 0