How can I route all internet traffic through Zerotier?

AleXSR700 · September 22, 2020, 6:49pm

Hello Travis,

I added an edit before or while you replied.

Right now these are my iptables:
“Server”:

root@piclient-desktop:/etc# iptables-save

Generated by iptables-save v1.8.4 on Tue Sep 22 20:41:26 2020

*filter
:INPUT ACCEPT [10342:2161582]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [17618:8035097]
:sshguard - [0:0]
COMMIT

Completed on Tue Sep 22 20:41:26 2020

root@piclient-desktop:/etc#

“Client”

Generated by iptables-save v1.8.4 on Tue Sep 22 21:33:10 2020

*nat
:PREROUTING ACCEPT [21884:7848217]
:INPUT ACCEPT [447:134995]
:OUTPUT ACCEPT [3415:223164]
:POSTROUTING ACCEPT [3384:219164]
-A POSTROUTING -s 10.42.0.0/24 ! -d 10.42.0.0/24 -j MASQUERADE
COMMIT

Completed on Tue Sep 22 21:33:10 2020

Generated by iptables-save v1.8.4 on Tue Sep 22 21:33:10 2020

*filter
:INPUT ACCEPT [104848:33118495]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [197549:31491237]
:sshguard - [0:0]
-A INPUT -i wlan0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -i wlan0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 53 -j ACCEPT
-A FORWARD -d 10.42.0.0/24 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.42.0.0/24 -i wlan0 -j ACCEPT
-A FORWARD -i wlan0 -o wlan0 -j ACCEPT
-A FORWARD -o wlan0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i wlan0 -j REJECT --reject-with icmp-port-unreachable
COMMIT

Completed on Tue Sep 22 21:33:10 2020

root@piclient-desktop:/etc#

By the way, I need to be careful what I change on the server as it is 3000 miles away right now and any change needs to work

Best regards
Alex