25 lines
1.2 KiB
Django/Jinja
25 lines
1.2 KiB
Django/Jinja
[Interface]
|
|
Address = {{ vpn_gateway_net_prefix }}.1/{{ vpn_gateway_net_cidr }}
|
|
ListenPort = {{ vpn_gateway_port }}
|
|
PrivateKey = {{ vpn_gateway_private_key }}
|
|
|
|
{% if vpn_gateway_forward is defined and vpn_gateway_forward | length > 0 %}
|
|
PreUp = sysctl -w net.ipv4.ip_forward=1
|
|
PreUp = sysctl -w net.ipv6.conf.all.forwarding=1
|
|
|
|
{% for config in vpn_gateway_forward %}
|
|
PreUp = iptables -t nat -A PREROUTING -i {{ vpn_gateway_interface }} -p {{ config.protocol | default('tcp') }} --dport {{ config.server_port }} -j DNAT --to-destination {{ vpn_gateway_net_prefix }}.{{ config.client_index }}:{{ config.client_port }}
|
|
PostDown = iptables -t nat -D PREROUTING -i {{ vpn_gateway_interface }} -p {{ config.protocol | default('tcp') }} --dport {{ config.server_port }} -j DNAT --to-destination {{ vpn_gateway_net_prefix }}.{{ config.client_index }}:{{ config.client_port }}
|
|
|
|
{% endfor %}
|
|
PreUp = iptables -t nat -A POSTROUTING -o {{ cloud_name }} -j MASQUERADE
|
|
PostDown = iptables -t nat -D POSTROUTING -o {{ cloud_name }} -j MASQUERADE
|
|
{% endif %}
|
|
|
|
{% for vpn_client in vpn_clients %}
|
|
## vpn {{ cloud_name }} - {{ vpn_client.name }} ##
|
|
[Peer]
|
|
PublicKey = {{ vpn_client.public_key }}
|
|
AllowedIPs = {{ vpn_gateway_net_prefix }}.{{ vpn_client.index }}/32
|
|
|
|
{% endfor %} |