root@tunneler:/home/reza# /sbin/iptables --flush
root@tunneler:/home/reza# /sbin/iptables --delete-chain
root@tunneler:/home/reza# /sbin/iptables --table nat --flush
root@tunneler:/home/reza# /sbin/iptables --table nat --delete-chain
root@tunneler:/home/reza# /sbin/iptables --table mangle --flush
root@tunneler:/home/reza# /sbin/iptables --table mangle --delete-chain
root@tunneler:/home/reza# /sbin/iptables -A FORWARD -i ens160 -o tun0 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE
root@tunneler:/home/reza# /sbin/iptables -A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
root@tunneler:/home/reza# /sbin/iptables -A INPUT -p all -s 192.168.1.0/24 -j ACCEPT