diff options
-rw-r--r-- | roles/wireguard/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/wireguard/templates/wg0.conf.j2 | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/wireguard/defaults/main.yml b/roles/wireguard/defaults/main.yml index b351a4b..44120db 100644 --- a/roles/wireguard/defaults/main.yml +++ b/roles/wireguard/defaults/main.yml @@ -4,4 +4,4 @@ wg_listen_port: 51280 #wg_addr4: #wg_addr6: #wg_peers: -wg_firewall: false +wg_router: false diff --git a/roles/wireguard/templates/wg0.conf.j2 b/roles/wireguard/templates/wg0.conf.j2 index fca9a0b..7dae2ff 100644 --- a/roles/wireguard/templates/wg0.conf.j2 +++ b/roles/wireguard/templates/wg0.conf.j2 @@ -6,7 +6,7 @@ Address = {{ wg_addr4 }}, {{ wg_addr6 }} ListenPort = {{ wg_listen_port }} SaveConfig = false -{% if wg_firewall %} +{% if wg_router %} PostUp = iptables -t nat -A POSTROUTING -s {{ wg_addr4 }} -m policy --pol none --dir out -j MASQUERADE PostUp = iptables -A FORWARD -s {{ wg_addr4 }} -j ACCEPT PostUp = ip6tables -t nat -A POSTROUTING -s {{ wg_addr6 }} -m policy --pol none --dir out -j MASQUERADE |