> Based on my understanding of the OpenBSD PF-Packet filtering document
> (https://www.openbsd.org/faq/pf/filter.html), the intention of this
> pf rule is to allow only the IP address 10.0.8.4 to access ports 22
> and 80. However, currently both machines with IP addresses 10.0.8.2
> and 10.0.8.3 are able to access ports 22 and 80.
Maybe try something like
set skip on lo
block log
match out on bwfm0 inet received-on wg0 nat-to (bwfm0)
pass out
pass in on wg0
block log in to (self)
pass proto tcp from 10.0.8.4 to port {22 80}
I recommend ignoring the pf faq and use https://man.openbsd.org/pf.conf
instead.
> https://www.vultr.com/docs/install-wireguard-vpn-server-on-openbsd-7-0/
what a mess of things from the base OS and unneeded third-party tools.
> On Sun, Aug 13, 2023 at 7:04 AM lain. <[email protected]> wrote:
>>
>> I failed to come up with reasons for using a preshared key, so I've let
>> ChatGPT generate reasons for me:
oh $deitt please do not.
