Created
October 8, 2022 04:58
A wireguard config for running wings on a server behind another server
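# wg-quick configuration for the public-facing relay host.
# Traffic arriving on eth0 for the listed ports is DNATed through the tunnel
# (wg0) to the wings host at 192.168.254.3.
#
# Assumptions to confirm before use:
#  - eth0 is the public interface and this file is brought up as wg0.
#  - IPv4 forwarding (net.ipv4.ip_forward=1) is enabled; nothing here sets it.
#  - The FORWARD rules are appended (-A), so an earlier DROP/REJECT rule in that
#    chain would shadow them. If the chain policy is already ACCEPT they add no
#    filtering.
#  - DNATed traffic traverses FORWARD, not INPUT, so INPUT-only host firewall
#    rules do not restrict the forwarded ports.
[Interface]
Address = 192.168.254.1/26
ListenPort = 51820
# Left blank on purpose: fill in locally and never publish it. Keep this file
# readable by root only (wg-quick warns when the config is world accessible).
PrivateKey =
# setup for iptables to forward traffic to proxied host
## On Startup
## make sure ports are routed back properly
## NOTE: SNAT rewrites the source of every forwarded connection to
## 192.168.254.1, so the proxied host never sees real client addresses.
## Per-client logging, bans and rate limits have to be done on this host.
PostUp = iptables -t nat -A POSTROUTING -o wg0 -j SNAT --to-source 192.168.254.1
## Accept established and related packets early for perf reasons
PostUp = iptables -I FORWARD 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
## Daemon ports
## NOTE: these expose the daemon ports of the proxied host to any source
## reaching eth0; keep the daemon's own authentication and TLS enabled.
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 8080,2022 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 8080,2022 -j DNAT --to-destination 192.168.254.3
## Game ports
## Only forward the ranges that are actually allocated to servers; each open
## range is reachable from the internet.
## Minecraft Ports
## java
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 25565:25575 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 25565:25575 -j DNAT --to-destination 192.168.254.3
## bedrock
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 19132:19142 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 19132:19142 -j DNAT --to-destination 192.168.254.3
## Unreal Engine (ARK/Satisfactory/Etc)
## Game Port
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 7777:7787 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 7777:7787 -j DNAT --to-destination 192.168.254.3
## Satisfactory Query Port
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 15000:15015 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 15000:15015 -j DNAT --to-destination 192.168.254.3
## Satisfactory Beacon
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 15777:15787 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 15777:15787 -j DNAT --to-destination 192.168.254.3
## Steam Query Ports
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 27015:27025 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 27015:27025 -j DNAT --to-destination 192.168.254.3
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 27015:27025 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p udp -m multiport --dports 27015:27025 -j DNAT --to-destination 192.168.254.3
## On Shutdown
## Every PostDown must delete exactly the rule its PostUp added; a mismatch
## leaves forwarding rules active after the tunnel is gone.
## make sure ports are routed back properly
PostDown = iptables -t nat -D POSTROUTING -o wg0 -j SNAT --to-source 192.168.254.1
## Remove the established/related accept rule by specification.
## The previous form used "-D FORWARD 1" together with a match and no target,
## which addresses the rule by position: it removes whatever happens to be
## first in FORWARD at shutdown (or fails, depending on the iptables version)
## and can leave this ACCEPT rule behind.
PostDown = iptables -D FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
## Daemon ports
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 8080,2022 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp -m multiport --dports 8080,2022 -j DNAT --to-destination 192.168.254.3
## Game ports
## Minecraft Ports
## java
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 25565:25575 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp -m multiport --dports 25565:25575 -j DNAT --to-destination 192.168.254.3
## bedrock
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 19132:19142 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 19132:19142 -j DNAT --to-destination 192.168.254.3
## Unreal Engine (ARK/Satisfactory/Etc)
## Game Port
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 7777:7787 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 7777:7787 -j DNAT --to-destination 192.168.254.3
## Satisfactory Query Port
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 15000:15015 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 15000:15015 -j DNAT --to-destination 192.168.254.3
## Satisfactory Beacon
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 15777:15787 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 15777:15787 -j DNAT --to-destination 192.168.254.3
## Steam Query Ports
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p tcp -m multiport --dports 27015:27025 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp -m multiport --dports 27015:27025 -j DNAT --to-destination 192.168.254.3
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p udp -m multiport --dports 27015:27025 -m conntrack --ctstate NEW -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -i eth0 -p udp -m multiport --dports 27015:27025 -j DNAT --to-destination 192.168.254.3

# The proxied host. AllowedIPs is a single /32, so this peer can only source
# traffic from (and be routed) its own tunnel address.
[Peer]
# arwen
# Left blank on purpose: set to the peer's public key.
PublicKey =
AllowedIPs = 192.168.254.3/32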