Two network interfaces on the gateway, how to fix iptables?

There is a gateway with two interfaces and L2TP (xl2tpd). I need the LAN to reach the outside world.
I have set up xl2tpd; the connection is good, no complaints. I am now getting familiar with iptables.
I found these iptables rules on the net. Tried the first two, they don't work. That is:

iptables -A FORWARD -i enp3s0 -o enp1s10 -s -j ACCEPT
iptables -A FORWARD -i enp1s10 -o enp3s0 -d -j ACCEPT

1. #iptables -A POSTROUTING -s -o enp1s10 -j SNAT --to-source

2. #iptables -t nat -A POSTROUTING -o enp1s10 -s MASQUERADE

3. #$LAN = eth0
iptables -I FORWARD 1 -i $LAN -s $NETWORK -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu (not yet tried)

The names of the interfaces are real and any similarity is not accidental.
The second day of fighting. Please tell me, for God's sake. Or I will throw all the ports >:[

And the second question followed:
The author of one of the rules wrote, and I quote: it is necessary to protect the gateway at least a little, add the rules
#iptables -A INPUT -i lo -j ACCEPT
#iptables -A INPUT -i enp3s0 -s -j ACCEPT
#iptables -A INPUT -i enp1s10 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
#iptables -P INPUT DROP

After that, the gateway stops responding when I ping domain names, as if DNS was off, but the L2TP Internet connection works properly. Did he overcomplicate it?
With respect. Thank you in advance!
March 12th 20 at 08:40
2 answers
March 12th 20 at 08:42
In the article there is a file, and in the file there are many reviews; perhaps with it you will understand what to do. In addition to enabling packet forwarding: after establishing the ppp connection, doesn't a new interface called ppp0 or something like that appear in the system?
No, it's not there. Should ppp0 appear? Generally I know it appears when a VPN is set up, but I can't see it in ifconfig.
Found the file and I hope all the settings are operable. Thank you. - Naomi.Fay commented on March 12th 20 at 08:45
March 12th 20 at 08:44
iptables really is complicated for beginners. Look in the direction of ferm, a front end on top of iptables; the readability of its configuration is much higher. And don't forget net.ipv4.ip_forward=1 afterwards.

In the basic ferm config (/etc/ferm/ferm.conf), it is sufficient to add a rule to masquerade.
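
An added example, not part of either answer: a POSIX shell check that reads `iptables-save` output and reports when the NAT rule or the INPUT reply rule is bound to an interface other than the one traffic actually leaves through, which is the ppp0 situation the first answer asks about. The sample dump, the interface ppp0 and the network 192.0.2.0/24 are constructed values, and `audit_rules` is a name made up for this example.

```shell
#!/bin/sh
# Added example. SAMPLE is a constructed iptables-save dump; ppp0 and
# 192.0.2.0/24 are assumed values, not taken from the question.
SAMPLE='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i enp3s0 -s 192.0.2.0/24 -j ACCEPT
-A INPUT -i enp1s10 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.0.2.0/24 -o enp1s10 -j MASQUERADE
COMMIT'

# audit_rules WAN_IF: read iptables-save text on stdin, print one finding per
# line. Live use: iptables-save | audit_rules "$wan", where $wan is the "dev"
# shown by `ip route get <outside address>`. Negated matches are not handled.
audit_rules() {
    awk -v wan="$1" '
    # 1 if the rule has no flag f (-i / -o) or its argument matches wan;
    # a trailing "+" is the iptables interface wildcard (ppp+ matches ppp0).
    function covers(f,    i, p, n) {
        for (i = 1; i < NF; i++) if ($i == f) {
            p = $(i + 1); n = length(p) - 1
            if (p ~ /\+$/) return substr(wan, 1, n) == substr(p, 1, n)
            return p == wan
        }
        return 1
    }
    /^\*/ { table = substr($1, 2) }
    table == "filter" && /^:INPUT DROP/ { input_drop = 1 }
    table == "filter" && /^-A INPUT / && /ESTABLISHED/ && / -j ACCEPT/ && covers("-i") { replies = 1 }
    table == "nat" && /^-A POSTROUTING / && / -j (MASQUERADE|SNAT)/ && covers("-o") { nat = 1 }
    END {
        if (!nat) print "NAT: no SNAT/MASQUERADE rule covers " wan
        if (input_drop && !replies)
            print "INPUT: policy DROP and no ESTABLISHED accept covers " wan
    }'
}

# Run the audit on the constructed dump, assuming traffic leaves via ppp0.
printf '%s\n' "$SAMPLE" | audit_rules ppp0
```

With the INPUT finding present, replies to the gateway's own DNS queries arrive on an interface no accept rule names and fall through to the DROP policy, while forwarded LAN traffic is unaffected by the INPUT chain.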
