Using applications like qbittorrent and airdcpp to share files. They all need some ports to be forwarded in order to be "connectable".
In the home connection I would go into the router settings 192.168.1.1 and then forward the ports, ex. 56000, to my PC's local IP address: 192.168.1.124. And the services would work alright.
Later I set up WireGuard on a Linode VPS, wishing I can VPN into it and mask my IP. But when I do that, my IP address is changed when I go to somewhere like https://whoer.net. But the ports used, ex. 56000, are not forwarded and thus the apps are not "connectable".
What are the things I need to add in iptables in order for the VPS to forward those ports like my home router does?
Port 56000 is set to allow in the active VPS ufw firewall.
Many thanks for looking.
This is what my VPS wireguard conf looks like:
[Interface]
Address = 10.66.66.1/24,fd42:42:42::1/64
ListenPort = 49503
PrivateKey = ***
[Peer]
PublicKey = ***
PresharedKey = ***
AllowedIPs = 10.66.66.2/32,fd42:42:42::2/128
Since you're using UFW, first make sure the UFW rule for port 56000 that you added is not a regular input rule, but instead a "route" (aka forwarding) rule, like this (assuming it's for a TCP port; replace tcp with udp for UDP):
Then you need an iptables rule like this for each port you want to forward (where eth0 is the name of your WAN interface):
If you have a bunch of individual ports you want to forward, you can put them all (up to 15 ports) in the same rule using the --dports flag (note the s) of the multiport module:
And since you're using UFW, you probably want to put your PREROUTING rules in the *nat block of your /etc/ufw/before.rules config file, like this (assuming you probably already have something similar to the POSTROUTING rule there):
If you don't already have a *nat block in your /etc/ufw/before.rules file, add it at the end of the file. Restart UFW after you make the changes.
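The forwarding setup described in this answer, as an added example that is not part of the original answer: a small script that prints the UFW route commands and the PREROUTING DNAT rules for a list of ports, splitting them into multiport rules of at most 15 ports. It assumes eth0 is the WAN interface, wg0 (a hypothetical name) is the WireGuard interface, and the client is the peer at 10.66.66.2 from the question's AllowedIPs.

```shell
#!/bin/sh
# Added example, not the answerer's code. Assumed names: eth0 = WAN interface,
# wg0 = WireGuard interface (hypothetical), 10.66.66.2 = peer from AllowedIPs.
WAN_IF=eth0
WG_IF=wg0
PEER_IP=10.66.66.2

# Succeed only for an integer port in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print one PREROUTING rule: $1 = proto, $2 = comma-separated port list.
emit_dnat() {
    echo "-A PREROUTING -i $WAN_IF -p $1 -m multiport --dports $2 -j DNAT --to-destination $PEER_IP"
}

# dnat_rules PROTO PORT...: DNAT rules, at most 15 ports per multiport rule.
dnat_rules() {
    proto="$1"; shift
    case "$proto" in tcp|udp) ;; *) echo "bad proto: $proto" >&2; return 1 ;; esac
    chunk=""; n=0
    for p in "$@"; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 1; }
        chunk="${chunk:+$chunk,}$p"; n=$((n + 1))
        if [ "$n" -eq 15 ]; then emit_dnat "$proto" "$chunk"; chunk=""; n=0; fi
    done
    [ -z "$chunk" ] || emit_dnat "$proto" "$chunk"
}

# route_cmds PROTO PORT...: the matching "ufw route" (forwarding) commands.
route_cmds() {
    proto="$1"; shift
    for p in "$@"; do
        echo "ufw route allow in on $WAN_IF out on $WG_IF to $PEER_IP port $p proto $proto"
    done
}

# nat_block PROTO PORT...: a *nat block for /etc/ufw/before.rules. If the file
# already has a *nat block, add only the PREROUTING lines to it instead.
nat_block() {
    rules=$(dnat_rules "$@") || return 1
    printf '%s\n' '*nat' ':PREROUTING ACCEPT [0:0]' "$rules" 'COMMIT'
}

# Constructed input: the question's port 56000 over TCP.
route_cmds tcp 56000
nat_block tcp 56000
```

The script only prints text; review the output before running the ufw commands or pasting the block into /etc/ufw/before.rules.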