Hi Roman, > The "Usage" section speaks of "server" and "client". However in the WG world > there's not really a server or client per se, but all WG network members are > peers. As such, is it possible to propose an universal set of iptables rules > that would be fine to use on any network node? > > As I understand, all INPUT packets to our local --dport need to be --unobfs, > and all OUTPUT packets from us to any other node need to be --obfs. Right? >
Yes, you are right. Besides unobfs/obfs INPUT/OUTPUT chain for a local WG installation, one can also use it on a Linux gateway, mangle the FORWARD chain. I haven't test it but it should work. Wei
