Thanks for the suggestions, I added some quick rules and put a more specific nat rule in place and now the rdr rule is working. Thank you.
Sent from ProtonMail mobile

-------- Original Message --------
On 22 Oct 2019, 07:26, loopw wrote:

> On 2019-10-21 16:19, 4642 wrote:
>> ###### Egress #######
>> pass in on egress inet proto udp from any to (egress:0) port 51820 rdr-to $wg_svr
>> pass out quick on egress inet
>>
>> ###### LAN #######
>> pass in on $lan_if inet proto udp from any to (egress:0) port 51820 rdr-to $wg_svr
>> pass in on $lan_if inet
>> pass out quick on $lan_if inet
>>
>> ###### WG #######
>> pass in on $wg_if inet
>> pass out quick on $wg_if inet
>>
>> Thanks for looking.
>> Keith.
>
> You might want to consider adding "quick" to all of the rules above
> without them (rdr-to rules and the pass in on your local interfaces
> rules).
>
> my two cents: I would add specific networks for who can pass out _new
> connections_ onto your lan and wireguard networks through those
> interfaces (the pass out quick on local network rules are a little wide
> open)
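The two suggestions in the quoted reply ("quick" on every rule, and specific networks on the pass out rules), written out as a pf.conf sketch. This is an added example, not the poster's final ruleset: the interface names, addresses and the `lan_net`/`wg_net` macros are constructed placeholders, and it assumes `$wg_svr` is reached through `$wg_if`.

```pf
# Added example, not the poster's ruleset. Interface names, addresses and
# networks are constructed placeholders.
lan_if  = "em1"
wg_if   = "em2"              # assumed: $wg_svr is reached through this interface
wg_svr  = "192.168.20.2"
lan_net = "192.168.10.0/24"
wg_net  = "192.168.20.0/24"

block log all

###### Egress #######
pass in quick on egress inet proto udp from any to (egress:0) port 51820 rdr-to $wg_svr
pass out quick on egress inet

###### LAN #######
# Must come before the general LAN rule: with "quick" the first match wins.
# Without "quick" the last match wins, so a later general
# "pass in on $lan_if inet" would be the deciding rule and the rdr-to
# on this rule would not be applied.
pass in quick on $lan_if inet proto udp from any to (egress:0) port 51820 rdr-to $wg_svr
pass in quick on $lan_if inet from $lan_net
# New connections onto the LAN only from the WireGuard network.
pass out quick on $lan_if inet from $wg_net to $lan_net

###### WG #######
pass in quick on $wg_if inet from $wg_net
# Redirected tunnel traffic leaves here with its destination already rewritten.
pass out quick on $wg_if inet proto udp from any to $wg_svr port 51820
# Other new connections onto the WireGuard network only from the LAN.
pass out quick on $wg_if inet from $lan_net to $wg_net
```

`pfctl -nf /etc/pf.conf` parses the file without loading it. With `block log all` in place, traffic that originates on the firewall itself toward the LAN or WireGuard networks needs its own pass out rule.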