Enable ip4 forward:
nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
Firewall configuration:
sudo iptables -t nat -A POSTROUTING -s 10.168.127.0/8 -j MASQUERADE
sudo iptables -A INPUT -i tun0 -j ACCEPT
sudo iptables -A FORWARD -i tun0 -j ACCEPT
sudo iptables -A FORWARD -o tun0 -j ACCEPT
Save iptables:
sudo su
iptables-save -c > /etc/iptables.rules
Config on Startup:
Add two scripts in /etc/network/:
sudo nano /etc/network/if-pre-up.d/iptablesload:
#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0
sudo nano /etc/network/if-post-down.d/iptablessave:
#!/bin/sh
iptables-save -c > /etc/iptables.rules
if [ -f /etc/iptables.downrules ]; then
iptables-restore < /etc/iptables.downrules
fi
exit 0
# sudo chmod +x /etc/network/if-post-down.d/iptablessave
# sudo chmod +x /etc/network/if-pre-up.d/iptablesload