Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zerotier "自动允许客户端NAT" 功能无效 #1

Open
fengyang0317 opened this issue Dec 18, 2021 · 2 comments
Open

zerotier "自动允许客户端NAT" 功能无效 #1

fengyang0317 opened this issue Dec 18, 2021 · 2 comments

Comments

@fengyang0317
Copy link

路由器自己可以访问zerotier网段别的机器,但是lan口的客户端还是不能访问zerotier的网段。

可以看见添加了iptables的rule,

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* zerotier_rule */

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere /* zerotier_rule /
ACCEPT all -- anywhere anywhere / zerotier_rule */
@fengyang0317
Copy link
Author

需要一条rule

iptables -t nat -I POSTROUTING 2 ! -s 172.16.0.1/32 -o ztuga2wbbp -j MASQUERADE

@LeiShi1313
Copy link

补充一下,每个人内网ID和zerotier网卡名字不同,上条命令要对应改成:

iptables -t nat -A POSTROUTING ! -s [你的zerotier内网段] -o [你的zerotier网卡名字] -j MASQUERADE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@LeiShi1313 @fengyang0317