Fix iperf

xtrime-ru · Sep 26, 2024 · 302c04a · 302c04a
1 parent bb7455f
commit 302c04a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/rootfs/etc/ferm/ferm.conf b/rootfs/etc/ferm/ferm.conf
@@ -59,7 +59,7 @@ table nat {
 		saddr $VPNTCP_RANGE daddr $VPNTCP_DNS ACCEPT;
 		saddr $DOCKER_RANGE daddr $DOCKER_DNS ACCEPT;
 
-	daddr ($VPNUDP_DNS $VPNTCP_DNS $DOCKER_DNS) REDIRECT;
+		daddr ($VPNUDP_DNS $VPNTCP_DNS $DOCKER_DNS) REDIRECT;
 
 		saddr ($VPNUDP_RANGE $VPNTCP_RANGE $DOCKER_RANGE) daddr ! $DNSMAP_RANGE CONNMARK set-mark 1;
 		saddr ($VPNUDP_RANGE $VPNTCP_RANGE $DOCKER_RANGE) daddr $DNSMAP_RANGE jump dnsmap;

diff --git a/wireguard/entrypoint.sh b/wireguard/entrypoint.sh
@@ -11,8 +11,10 @@ export WG_HOST=$(curl -4 icanhazip.com)
 export AZ_HOST=$(dig +short antizapret-vpn)
 
 ip route add 10.224.0.0/15 via $AZ_HOST
+iptables -t nat -A PREROUTING -d 10.224.0.1/32 -j DNAT --to-destination $AZ_HOST
+iptables -t nat -A OUTPUT -d 10.224.0.1/32 -j DNAT --to-destination $AZ_HOST
 
-if [[ ${FORCE_FORWARD_DNS:-false} == true ]]; then
+if [[ ${FORCE_FORWARD_DNS:-true} == true ]]; then
     dnsPorts=${FORCE_FORWARD_DNS_PORTS:-"53"}
     for dnsPort in $dnsPorts; do
         iptables -t nat -A PREROUTING -i wg0 -p udp -m udp --dport $dnsPort -j DNAT --to-destination $AZ_HOST