| Code Block |
|---|
sudo su - |
| Code Block |
|---|
vi /etc/netplan/50-cloud-init.yaml |
| Code Block |
|---|
network:
ethernets:
enp2s0:
dhcp4: true
enp3s0:
addresses:
- 10.0.0.0/24
version: 2 |
| Code Block |
|---|
grep DEFAULT_FORWARD_POLICY /etc/default/ufw sed -i 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw grep DEFAULT_FORWARD_POLICY /etc/default/ufw grep 'net.ipv4.ip_forward=1' /etc/sysctl.conf sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf grep 'net.ipv4.ip_forward=1' /etc/sysctl.conf |
...
| Code Block | ||
|---|---|---|
| ||
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0 (change to the interface you discovered!)
-A POSTROUTING -s 10.0.0.0/24 -o enp2s0 -j MASQUERADE
COMMIT |
| Code Block | ||
|---|---|---|
| ||
# # rules.before *nat :POSTROUTING ACCEPT [0:0] # Forward traffic through eth0 - Change to match you out-interface -A POSTROUTING -s 10.0.0.0/24 -o enp2s0 -j MASQUERADE # don't delete the 'COMMIT' line or these nat table rules won't # be processed COMMIT # # Rules that should be run before the ufw command line added rules. Custom # rules should be added to one of these chains: # ufw-before-input # ufw-before-output # ufw-before-forward # # Don't delete these required lines, otherwise there will be errors *filter :ufw-before-input - [0:0] |
| Code Block |
|---|
ufw allow from 10.0.0.0/24
ufw allow 22/tcp
ufw disable; ufw enable |
...