+
+ | - |
+ |
+ |
+ |
+ |
+ |
+ all |
+ |
+ Related
+ Established
+ |
+ ACCEPT |
+ |
+
{% for rule in port_forward_list %}
{% if rule.add_forward_rule and current_chain == 'forward' %}
-
- | - |
- |
- {{ firewall_settings.wan_interface }} |
- wg{{ rule.wireguard_instance.instance_id }} |
- |
-
- {% if rule.ip_address %}
- {{ rule.ip_address }}
- {% elif rule.peer %}
- {{ rule.peer }}
- {% endif %}
- |
- {{ rule.get_protocol_display }} |
- {{ rule.port }} |
- |
- ACCEPT |
- |
+
+ | - |
+ |
+ {{ firewall_settings.wan_interface }} |
+ wg{{ rule.wireguard_instance.instance_id }} |
+ |
+
+ {% if rule.ip_address %}
+ {{ rule.ip_address }}
+ {% elif rule.peer %}
+ {{ rule.peer }}
+ {% endif %}
+ |
+ {{ rule.get_protocol_display }} |
+
+ {% if rule.port_forward %}
+ {{ rule.port_forward }}
+ {% else %}
+ {{ rule.port }}
+ {% endif %}
+ |
+ |
+ ACCEPT |
+ |
{% elif rule.masquerade_source and current_chain == 'postrouting' %}
-
- | - |
- |
- |
- wg{{ rule.wireguard_instance.instance_id }} |
- |
-
- {% if rule.ip_address %}
- {{ rule.ip_address }}
- {% elif rule.peer %}
- {{ rule.peer }}
- {% endif %}
- |
- {{ rule.get_protocol_display }} |
- {{ rule.port }} |
- |
- MASQUERADE |
- |
-
+
+ | - |
+ |
+ |
+ wg{{ rule.wireguard_instance.instance_id }} |
+ |
+
+ {% if rule.ip_address %}
+ {{ rule.ip_address }}
+ {% elif rule.peer %}
+ {{ rule.peer }}
+ {% endif %}
+ |
+ {{ rule.get_protocol_display }} |
+
+ {% if rule.port_forward %}
+ {{ rule.port_forward }}
+ {% else %}
+ {{ rule.port }}
+ {% endif %}
+ |
+ |
+ MASQUERADE |
+ |
+
{% endif %}
-
-
{% endfor %}
{% for rule in firewall_rule_list %}
-
| {{ rule.sort_order }} |
{% if rule.description %}{% endif %} |
@@ -119,13 +128,12 @@
{% if rule.source_ip %}{% if rule.not_source %}! {% endif %}{{ rule.source_ip }}/{{ rule.source_netmask }}
{% endif%}
{% for peer in rule.source_peer.all %}{% if rule.not_source %}! {% endif %}{{ peer }}{% if rule.source_peer_include_networks %} +{% endif %}
{% endfor %}
-
+
|
{% if rule.destination_ip %}{% if rule.not_destination %}! {% endif %}{{ rule.destination_ip }}/{{ rule.destination_netmask }}
{% endif%}
{% for peer in rule.destination_peer.all %}{% if rule.not_destination %}! {% endif %}{{ peer }}{% if rule.destination_peer_include_networks %} +{% endif %}
{% endfor %}
|
-
{{ rule.get_protocol_display|default_if_none:'all' }} |
{{ rule.destination_port|default_if_none:'' }} |
@@ -136,103 +144,93 @@
{% if rule.state_untracked %}{% if rule.not_state %}! {% endif %}Untracked
{% endif %}
|
{{ rule.get_rule_action_display }} |
- {% comment%}
- {{ rule. }} |
- {% endcomment %}
|
{% endfor %}
-
+
{% if current_chain == 'forward' %}
- {% for wireguard_instance in wireguard_instances %}
+ {% for wireguard_instance in wireguard_instances %}
+
+ | - |
+ |
+ wg{{ wireguard_instance.instance_id }} |
+ wg{{ wireguard_instance.instance_id }} |
+ |
+ |
+ |
+ |
+ |
+
+ {% if firewall_settings.allow_peer_to_peer %}
+ ACCEPT
+ {% else %}
+ REJECT
+ {% endif %}
+ |
+ |
+
+ {% endfor %}
+
- | - |
- |
- wg{{ wireguard_instance.instance_id }} |
- wg{{ wireguard_instance.instance_id }} |
+ - |
+ |
+ wg+ |
+ wg+ |
|
|
|
|
|
-
- {% if firewall_settings.allow_peer_to_peer %}
- ACCEPT
- {% else %}
- REJECT
- {% endif %}
- |
+ {% if firewall_settings.allow_instance_to_instance %}ACCEPT{% else %}REJECT{% endif %} |
|
- {% endfor %}
-
-
- | - |
- |
- wg+ |
- wg+ |
- |
- |
- |
- |
- |
- {% if firewall_settings.allow_instance_to_instance %}ACCEPT{% else %}REJECT{% endif %} |
- |
-
{% endif %}
+
+