I have an older "HP Optiplex 3020" with 8GB memory that I use as an "Internet router". I have installed Ubuntu Server 20.04.3, along with Webmin, DHCP server, DNS server, Postfix, Fail2ban and Wireguard to help it work.
But not everything works: when I start the Wireguard client the router stops working, and when the Wireguard client closes everything is fine again.
My firewall looks like this:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -N LOGGING
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth2 -j LOGGING
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 10000 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A LOGGING -i eth2 -m limit --limit 5/sec --limit-burst 10 -j LOG
iptables -A LOGGING -i eth2 -j DROP
eth0 = LAN
eth1 = DMZ (not started)
eth2 = WAN
Wireguard client config (redacted):
[Interface]
PrivateKey = mnbvcxzäölkjhgfdsa
ListenPort = 51820
Address = 10.0.0.7/26
DNS = 8.8.8.8 1.1.1.1
[Peer]
PublicKey = qwertyuiopåasdfghjklö
Endpoint = wireguard.example.net:12345
AllowedIPs = 0.0.0.0/0, ::/0
The problem is with my firewall. I have tried a lot of different settings but I cannot get it to work, so I need help with my firewall. Any tips or tricks regarding what to do?
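
An added example, not part of the original post: a small evaluator that runs the post's FORWARD and NAT rules against LAN traffic leaving through eth2 and through a tunnel interface. It assumes the tunnel interface is named wg0 and that, with AllowedIPs = 0.0.0.0/0, wg-quick routes forwarded LAN traffic into it; neither is stated in the post.

```python
import shlex

# FORWARD policy, FORWARD rules and the NAT rule, copied unchanged from the post.
RULES = """\
iptables -P FORWARD DROP
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
iptables -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
"""

def parse(text):
    """Return (chain policies, rule list) for the option subset used in the post."""
    policies, rules = {}, []
    for line in text.splitlines():
        tok = shlex.split(line)[1:]              # drop the leading "iptables"
        if tok[:1] == ["-P"]:
            policies[tok[1]] = tok[2]
            continue
        opts = dict(zip(tok[0::2], tok[1::2]))   # every option here takes one value
        if "-A" not in opts:
            continue
        states = opts.get("--state")
        rules.append({"table": opts.get("-t", "filter"), "chain": opts["-A"],
                      "in": opts.get("-i"), "out": opts.get("-o"),
                      "states": set(states.split(",")) if states else None,
                      "target": opts["-j"]})
    return policies, rules

def verdict(policies, rules, chain, in_if, out_if, state, table="filter"):
    """First matching rule wins; otherwise the chain policy applies."""
    for r in rules:
        if r["table"] != table or r["chain"] != chain:
            continue
        if r["in"] not in (None, in_if) or r["out"] not in (None, out_if):
            continue
        if r["states"] is not None and state not in r["states"]:
            continue
        return r["target"]
    return policies.get(chain, "ACCEPT")         # no policy set: ACCEPT (no NAT applied)

def trace(uplink):
    """Outbound verdict, reply verdict and NAT target for LAN traffic via `uplink`."""
    p, r = parse(RULES)
    return (verdict(p, r, "FORWARD", "eth0", uplink, "NEW"),
            verdict(p, r, "FORWARD", uplink, "eth0", "ESTABLISHED"),
            verdict(p, r, "POSTROUTING", None, uplink, "NEW", table="nat"))

if __name__ == "__main__":
    for iface in ("eth2", "wg0"):                # wg0 is an assumed interface name
        print(iface, trace(iface))
```

Under those assumptions, no rule in the posted set names the tunnel interface, so LAN traffic routed into it falls through to the FORWARD DROP policy and is never masqueraded.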