From 739f97d85908baba47589bb7466a7d559b4424b2 Mon Sep 17 00:00:00 2001
From: Niklas Yann Wettengel <niyawe@niyawe.de>
Date: Wed, 5 Jul 2017 12:37:39 +0200
Subject: wireguard site mesh

---
 roles/configure_iptables/files/ip6tables.rules | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'roles/configure_iptables')

diff --git a/roles/configure_iptables/files/ip6tables.rules b/roles/configure_iptables/files/ip6tables.rules
index 7a1ea51..764e05b 100644
--- a/roles/configure_iptables/files/ip6tables.rules
+++ b/roles/configure_iptables/files/ip6tables.rules
@@ -15,6 +15,19 @@
 -A INPUT -p udp -m udp --dport 123 -j ACCEPT
 # fastd
 -A INPUT -p udp -m udp --dport 10010:10021 -j ACCEPT
+# wireguard_mesh
+-A INPUT -p udp -m udp --dport 10110 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10112 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10114 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10116 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10118 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10120 -j ACCEPT
+-A INPUT -s fdff:4157:bb::/48 -p gre -j ACCEPT
+-A INPUT -s fdff:434f:43bb::/48 -p gre -j ACCEPT
+-A INPUT -s fdff:454d:53bb::/48 -p gre -j ACCEPT
+-A INPUT -s fdff:4b4f:bb::/48 -p gre -j ACCEPT
+-A INPUT -s fdff:4d59:bb::/48 -p gre -j ACCEPT
+-A INPUT -s fdff:5349:4dbb::/48 -p gre -j ACCEPT
 # MOSH
 -A INPUT -p udp -m udp --dport 60000:61000 -j ACCEPT
 # LOG
-- 
cgit v1.2.3-54-g00ecf