Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

zerotier "自动允许客户端NAT" 功能无效 #1

Open
fengyang0317 opened this issue Dec 18, 2021 · 2 comments
Open

zerotier "自动允许客户端NAT" 功能无效 #1

fengyang0317 opened this issue Dec 18, 2021 · 2 comments

Comments

@fengyang0317
Copy link

路由器自己可以访问zerotier网段别的机器,但是lan口的客户端还是不能访问zerotier的网段。

可以看见添加了iptables的rule,

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* zerotier_rule */

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* zerotier_rule /
ACCEPT all -- anywhere anywhere / zerotier_rule */
@fengyang0317
Copy link
Author

需要一条rule

iptables -t nat -I POSTROUTING 2 ! -s 172.16.0.1/32 -o ztuga2wbbp -j MASQUERADE

@LeiShi1313
Copy link

补充一下,每个人内网ID和zerotier网卡名字不同,上条命令要对应改成:

iptables -t nat -A POSTROUTING ! -s [你的zerotier内网段] -o [你的zerotier网卡名字] -j MASQUERADE

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@LeiShi1313 @fengyang0317