====== UniFi ======

===== Fix WireGuard MTU =====
Refer to
[[https://community.ui.com/questions/Wireguard-Client-Server-Issue-Accessing-Certain-Websites-MTU-issue/373f7a7b-36be-4645-89c7-870fcf759c85?page=2]]

<code>
root:~# cat /data/scripts/change-wg-mtu.sh
#/bin/sh
export PATH=/usr/sbin:$PATH
#iptables -t mangle -A UBIOS_FORWARD_TCPMSS -o wgclt1 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
#iptables -t mangle -A UBIOS_FORWARD_TCPMSS -i wgclt1 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
#iptables -t mangle -A UBIOS_OUTPUT_TCPMSS -o wgclt1 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t mangle -A UBIOS_FORWARD_TCPMSS -o wgclt1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

root:~# cat /etc/cron.d/wgmtu
# custom
*  *    * * *   root    /data/scripts/change-wg-mtu.sh
</code>