Wireguard server: update firewall.

author: Hugo Hörnquist <hugo@lysator.liu.se> 2023-05-03 17:31:17 +0200
committer: Hugo Hörnquist <hugo@lysator.liu.se> 2023-05-03 17:31:17 +0200
commit: abc91fc235d3511a022e98edf1a9121f3ba12377 (patch)
tree: 293d3cd710a0bd86ca7bc666e507611e81c3ecff
parent: Allow non-sensitive wireguard keys. (diff)
download: profiles-abc91fc235d3511a022e98edf1a9121f3ba12377.tar.gz
profiles-abc91fc235d3511a022e98edf1a9121f3ba12377.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/manifests/wireguard_server.pp b/manifests/wireguard_server.pp
index dcdd475..1f604a2 100644
--- a/manifests/wireguard_server.pp
+++ b/manifests/wireguard_server.pp
@@ -38,6 +38,8 @@ class profiles::wireguard_server (
     chain    => 'POSTROUTING',
     jump     => 'MASQUERADE',
     outiface => 'br0',
+    proto    => 'all',
+    provider => 'ip6tables',
   }
 
   # -A FORWARD -p udp -m udp --dport 51871 --destination $(dig +short gandalf.adrift.space AAAA)
author	Hugo Hörnquist <hugo@lysator.liu.se>	2023-05-03 17:31:17 +0200
committer	Hugo Hörnquist <hugo@lysator.liu.se>	2023-05-03 17:31:17 +0200
commit	abc91fc235d3511a022e98edf1a9121f3ba12377 (patch)
tree	293d3cd710a0bd86ca7bc666e507611e81c3ecff
parent	Allow non-sensitive wireguard keys. (diff)
download	profiles-abc91fc235d3511a022e98edf1a9121f3ba12377.tar.gz profiles-abc91fc235d3511a022e98edf1a9121f3ba12377.tar.xz