Changed Postup and Postdown script to drop traffic between the peers. #362

Open
wants to merge 2 commits into
base: main

@mzs114 mzs114 commented Sep 4, 2024

Two new iptables rules were added, one to drop the traffic between the peers and another to clean this drop rule when the interface goes down.

Edit: These are required to enhance the security by avoiding the traffic between the peers.

Added drop rules to drop the traffic between the peers, this is required for enhanced security.
Added a corresponding rule to clean up the peer drop traffic rule in the postdown script.
@donaldzou
Owner

Hi @NOXCIS, do you mind looking over this please?

@NOXCIS
Contributor

NOXCIS commented Sep 9, 2024

@donaldzou The iptables scripts are just defaults a user can modify to their needs. No need to implement someone's specific use case.

@DaanSelen
Collaborator

@mzs114 is this not like the rules PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP? Which disallows peers to talk to each other?

@mzs114
Author

mzs114 commented Sep 10, 2024

> @mzs114 is this not like the rules PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP? Which disallows peers to talk to each other?

Yes these are the same, as these were missing in the scripts.

@NOXCIS There exist some preset rules; this is adding a new rule (and another one to remove it).
A sane default helps the users; advanced users will be customizing anyway.
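
The rule pair discussed above (a PostUp drop rule and its PostDown cleanup), as an added example that is not part of this pull request or the project's code: a Python check over a wg-quick style config that reports whether the peer-to-peer drop rule is present and which inserted iptables rules have no matching delete. The sample config, the function names and the interface name `wg0` are assumptions.

```python
import re
import shlex

# Constructed sample config (not taken from the project): the drop rule is
# inserted in PostUp but never deleted in PostDown.
SAMPLE_CONF = """\
[Interface]
Address = 10.0.0.1/24
PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
"""

def parse_hooks(conf, key, ops, iface):
    """Collect iptables rules from `key` lines whose operation is in `ops`.

    Each rule is a tuple of tokens with the operation flag removed, so an
    insert/append in PostUp can be compared with its delete in PostDown.
    """
    rules = []
    for line in conf.splitlines():
        name, sep, value = line.partition("=")
        if not sep or name.strip().lower() != key.lower():
            continue
        value = value.replace("%i", iface)       # wg-quick interface placeholder
        for cmd in re.split(r";|&&", value):     # hooks may chain commands
            tok = shlex.split(cmd)
            op = next((t for t in tok if t in ops), None)
            if not tok or tok[0] != "iptables" or op is None:
                continue
            i = tok.index(op)
            if i + 1 >= len(tok):
                continue                         # malformed: no chain name
            chain, rest = tok[i + 1], tok[i + 2:]
            if op == "-I" and rest and rest[0].isdigit():
                rest = rest[1:]                  # "-I CHAIN 1": position is not part of -D
            rules.append(tuple(tok[1:i] + [chain] + rest))
    return rules

def audit(conf, iface="wg0"):
    """Report peer isolation and PostUp rules lacking a PostDown delete.
    Matching is exact on token order, which is a simplification."""
    up = parse_hooks(conf, "PostUp", {"-I", "-A"}, iface)
    down = parse_hooks(conf, "PostDown", {"-D"}, iface)
    isolation = ("FORWARD", "-i", iface, "-o", iface, "-j", "DROP")
    return {
        "peer_isolation": isolation in up,
        "missing_cleanup": [" ".join(r) for r in up if r not in down],
    }
```

A rule listed under `missing_cleanup` stays in the FORWARD chain after the interface goes down and is inserted again on the next start.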

@DaanSelen
Collaborator

Hi @mzs114 is this not done with the new code?

@mzs114
Author

mzs114 commented Oct 8, 2024

> Hi @mzs114 is this not done with the new code?

Not sure which code or version you are referring to? I mean, these changes were not merged, so this is still pending? The reason for this PR is to include such a rule in the given scripts.

4 participants