Wireguard: Remove duplicated iptables POSTROUTING masquerade #516

New Issue

Closed

opened 2026-02-04 19:26:10 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2026-02-04 19:26:10 +03:00

Owner

Copy Link

Originally created by @Tunebox1 on GitHub (Feb 18, 2025).

Originally assigned to: @tremor021 on GitHub.

🌟 Briefly describe the feature

Masquerade should be only in POSTUP POSTDOWN and duplicated not in POSTROUTING

📝 Detailed description

• remove iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE from script
• masquerade is already in the wg0.conf postup and postdown, making it duplicated and harder to debug if you dont want to masquerade

💡 Why is this useful?

The Script is setting a masquerade aftert installing wireguard iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE while this is working as intended - for users that do not want to have MASQUERADE, this makes it harder to debug.

1. This is duplicated, its in the postup postdown and also in the iptables
2. Making it hard to debug / find the issue if you want to disable MASQUERADE:
   If you check the wg0.conf, you can find the MASQUERADE. If you check on the CLI with wg-quick up wg-quick down, you also can find it. So you delete it, thnking you wont doe masuqerade anymore but its still doing it. Only if you now check the iptables as an addition you can find it.

If you install Wireguard manually this is also not set so i think if you decide to set it by default (which i can understand since most users might want that), ONLY put it in the POSTUP and POSTDOWN.

Originally created by @Tunebox1 on GitHub (Feb 18, 2025). Originally assigned to: @tremor021 on GitHub. ### 🌟 Briefly describe the feature Masquerade should be only in POSTUP POSTDOWN and duplicated not in POSTROUTING ### 📝 Detailed description - remove `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` from script - masquerade is already in the wg0.conf postup and postdown, making it duplicated and harder to debug if you dont want to masquerade ### 💡 Why is this useful? The Script is setting a masquerade aftert installing wireguard `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` while this is working as intended - for users that do not want to have MASQUERADE, this makes it harder to debug. 1. This is duplicated, its in the postup postdown and also in the iptables 2. Making it hard to debug / find the issue if you want to disable MASQUERADE: If you check the wg0.conf, you can find the MASQUERADE. If you check on the CLI with `wg-quick up` `wg-quick down`, you also can find it. So you delete it, thnking you wont doe masuqerade anymore but its still doing it. Only if you now check the iptables as an addition you can find it. If you install Wireguard manually this is also not set so i think if you decide to set it by default (which i can understand since most users might want that), ONLY put it in the POSTUP and POSTDOWN.

OVERLORD added the enhancement label 2026-02-04 19:26:10 +03:00

OVERLORD closed this issue 2026-02-04 19:26:12 +03:00

OVERLORD referenced this issue 2026-02-05 05:53:43 +03:00

[PR #2565] New Script: VictoriaMetrics #3697

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

github-action-update-changelog

pr-update-app-files

docker_deb13

feat/cloudinit-sshkeys

feat/sqlserver2025

automated/update-github-versions

add-script-opencloud-1770212555

add-script-openclaw-1770212634

github-action-archive-changelog

update_apps_tool

add-script-wishlist-1770193085

MickLesk-patch-2

add-script-writefreely-1770188758

add-script-wealthfolio-1770143943

fix/vaultwarden-update-script

remove_memos

disable_npm

feature/codeberg-functions-forgejo-readeck

add-script-rustypaste-1770019426

add-script-kitchenowl-1770017260

fix/2fauth-php-version

tools_func_addcodeberg

CrazyWolf13-patch-2

add-script-shelfmark-1769790178

CrazyWolf13-patch-1

add-script-ampache-1769790139

add-script-languagetool-1769790155

remove_php_deps

ref_koilection

fix/php-module-improvements

tremor021-patch-1

fix/open-archiver-meilisearch-migration

cloudflare_dns

MickLesk-patch-1

michelroegl-brunner-patch-2

fix/version-display

fix/debian13-root-ownership

feat/interactive_prompts

feature/smart-error-recovery

core_stable

update_docs

refactor/tools-func-stability

certbot_npm

2026-02-03

2026-02-02

2026-02-01

2026-01-31

2026-01-30

2026-01-29

2026-01-28

2026-01-27

2026-01-26

2026-01-25

2026-01-24

2026-01-23

2026-01-22

2026-01-21

2026-01-20

2026-01-19

2026-01-18

2026-01-17

2026-01-16

2026-01-15

2026-01-14

2026-01-13

2026-01-12

2026-01-11

2026-01-10

2026-01-09

2026-01-08

2026-01-07

2026-01-06

2026-01-05

2026-01-04

2026-01-03

2026-01-02

2026-01-01

2025-12-31

2025-12-30

2025-12-29

2025-12-28

2025-12-27

2025-12-26

2025-12-25

2025-12-24

2025-12-23

2025-12-22

2025-12-21

2025-12-20

2025-12-19

2025-12-18

2025-12-17

2025-12-16

2025-12-15

2025-12-14

2025-12-13

2025-12-12

2025-12-11

2025-12-10

2025-12-09

2025-12-08

2025-12-07

2025-12-06

2025-12-05

2025-12-04

2025-12-03

2025-12-02

2025-12-01

2025-11-30

2025-11-29

2025-11-28

2025-11-27

2025-11-26

2025-11-25

2025-11-24

2025-11-23

2025-11-22

2025-11-21

2025-11-20

2025-11-19

2025-11-18

2025-11-17

2025-11-16

2025-11-15

2025-11-14

2025-11-13

2025-11-12

2025-11-11

2025-11-10

2025-11-09

2025-11-08

2025-11-07

2025-11-06

2025-11-05

2025-11-04

2025-11-03

2025-11-02

2025-11-01

2025-10-31

2025-10-30

2025-10-29

2025-10-28

2025-10-27

2025-10-26

2025-10-25

2025-10-24

2025-10-23

2025-10-22

2025-10-21

2025-10-20

2025-10-19

2025-10-18

2025-10-17

2025-10-16

2025-10-15

2025-10-14

2025-10-13

2025-10-12

2025-10-11

2025-10-10

2025-10-09

2025-10-08

2025-10-07

2025-10-06

2025-10-05

2025-10-04

2025-10-03

2025-10-02

2025-10-01

2025-09-30

2025-09-29

2025-09-28

2025-09-27

2025-09-26

2025-09-25

2025-09-24

2025-09-23

2025-09-22

2025-09-21

2025-09-20

2025-09-19

2025-09-18

2025-09-17

2025-09-16

2025-09-15

2025-09-14

2025-09-13

2025-09-12

2025-09-11

2025-09-10

2025-09-09

2025-09-08

2025-09-07

2025-09-06

2025-09-05

2025-09-04

2025-09-03

2025-09-02

2025-09-01

2025-08-31

2025-08-30

2025-08-29

2025-08-28

2025-08-27

2025-08-26

2025-08-25

2025-08-24

2025-08-23

2025-08-22

2025-08-21

2025-08-20

2025-08-19

2025-08-18

2025-08-17

2025-08-16

2025-08-15

2025-08-14

2025-08-13

2025-08-12

2025-08-11

2025-08-10

2025-08-09

2025-08-08

2025-08-07

2025-08-06

2025-08-05

2025-08-04

2025-08-03

2025-08-02

2025-08-01

2025-07-31

2025-07-30

2025-07-29

2025-07-28

2025-07-27

2025-07-26

2025-07-25

2025-07-24

2025-07-23

2025-07-22

2025-07-21

2025-07-20

2025-07-19

2025-07-18

2025-07-17

2025-07-16

2025-07-15

2025-07-14

2025-07-11

2025-07-10

2025-07-09

2025-07-08

2025-07-07

2025-07-06

2025-07-05

2025-07-04

2025-07-03

2025-07-02

2025-07-01

2025-06-30

2025-06-29

2025-06-28

2025-06-27

2025-06-26

2025-06-25

2025-06-24

2025-06-23

2025-06-22

2025-06-21

2025-06-20

2025-06-19

2025-06-18

2025-06-17

2025-06-16

2025-06-15

2025-06-14

2025-06-13

2025-06-12

2025-06-11

2025-06-10

2025-06-09

2025-06-08

2025-06-07

2025-06-06

2025-06-05

2025-06-04

2025-06-03

2025-06-02

2025-06-01

2025-05-31

2025-05-30

2025-05-29

2025-05-28

2025-05-27

2025-05-26

2025-05-25

2025-05-24

2025-05-23

2025-05-22

2025-05-21

2025-05-20

2025-05-19

2025-05-18

2025-05-17

2025-05-16

2025-05-15

2025-05-14

2025-05-13

2025-05-12

2025-05-11

2025-05-10

2025-05-09

2025-05-08

2025-05-07

2025-05-06

2025-05-05

2025-05-04

2025-05-03

2025-05-02

2025-05-01

2025-04-30

2025-04-29

2025-04-28

2025-04-27

2025-04-26

2025-04-25

2025-04-24

2025-04-23

2025-04-22

2025-04-20

2025-04-21

2025-04-19

2025-04-18

2025-04-17

2025-04-15

2025-04-16

2025-04-14

2025-04-13

2025-04-12

2025-04-11

2025-04-10

2025-04-09

2025-04-08

2025-04-07

2025-04-06

2025-04-05

2025-04-04

2025-04-03

2025-04-02

2025-04-01

2025-03-31

2025-03-30

2025-03-29

2025-03-28

2025-03-27

2025-03-26

2025-03-25

2025-03-24

2025-03-23

2025-03-22

2025-03-21

2025-03-20

2025-03-19

2025-03-18

2025-03-17

2025-03-16

2025-03-15

2025-03-14

2025-03-13

2025-03-12

2025-03-11

2025-03-10

2025-03-09

2025-03-08

2025-03-07

2025-03-06

2025-03-05

2025-03-04

2025-03-03

2025-03-02

2025-03-01

2025-02-28

2025-02-27

2025-02-26

2025-02-25

2025-02-24

2025-02-23

2025-02-21

2025-02-20

2025-02-19

2025-02-18

2025-02-17

2025-02-16

2025-02-15

2025-02-14

2025-02-13

2025-02-12

2025-02-11

2025-02-10

2025-02-09

2025-02-08

2025-02-07

2025-02-06

2025-02-05

2025-02-04

2025-02-03

2025-02-02

2025-02-01

2025-01-31

2025-01-30

2025-01-29

2025-01-28

2025-01-27

2025-01-26

2025-01-24

2025-01-23

2025-01-22

2025-01-21

2025-01-20

2025-01-19

2025-01-18

2025-01-17

2025-01-16

2025-01-15

2025-01-14

2025-01-13

2025-01-11

2025-01-10

2025-01-09

2025-01-08

2025-01-07

2025-01-06

2025-01-05

2025-01-04

2025-01-03

2025-01-02

2025-01-01

2024-12-31

2024-12-30

2024-12-29

2024-12-28

2024-12-27

2024-12-26

2024-12-25

2024-12-23

2024-12-21

2024-12-20

2024-12-19

2024-12-18

2024-12-17

2024-12-16

2024-12-13

2024-12-12

2024-12-09

2024-12-08

2024-12-07

2024-12-06

2024-12-05

2024-12-04

2024-12-03

2024-12-02

2024-11-30

2024-11-29

2024-11-28

2024-11-27

2024-11-26

2024-11-25

2024-11-24

2024-11-23

Labels

Clear labels

Implemented in VED waiting push to Main

breaking change

bug

bug

bugfix

deferred

delete script

dependencies

enhancement

external

feature

github

help wanted

in project pipeline

invalid

investigation

json

maintenance

needs triage

new script

new script

nice to have

not a script issue

not planned

organization

pull-request

Mirrored from GitHub Pull Request

question

refactor

rename script

security

update script

website

wontdo

🛑 Failure to comply with the guidelines

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ProxmoxVE#516