So I have an HTTP server on node A, and a VPS on node B. Both are connected through WireGuard on a VPN which consists only of these two nodes. I’m trying to make all the requests that arrive on http/s on node B be forwarded to A and processed there. Then of course the response must return to the original sender. I’ve seen a million ways to do it online and I’m hitting a brick wall, so how would you do it properly on a fresh install (assuming my firewall, ufw in my case, is disabled; I’ll figure it out once routing works as intended)?


I had something like this set up where essentially my wireguard VPS acted as a proxy that allowed me to forward all ports to my local machine that’s connected to it.
I had to use AI to figure this out, and I still don’t get it. Here are the commands that I saved:
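```
# Route the peer's tunnel address via the WireGuard interface
ip route add 10.0.0.2/32 dev wg0
# Allow forwarding from the public interface into the tunnel, and replies back
iptables -A FORWARD -i eth0 -o wg0 -j ACCEPT
iptables -A FORWARD -i wg0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Source-NAT traffic leaving via eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# DNAT every TCP and UDP port arriving on eth0 to the peer
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1:65535 -j DNAT --to-destination 10.0.0.2
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 1:65535 -j DNAT --to-destination 10.0.0.2
```

This is to be run on the wireguard VPS.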
wg0 is the name of the wireguard interface, brought up with something like wg-quick up wg0. eth0 is the name of the network interface.
I don’t fully understand it so I can’t explain it better, but this is what allowed me to forward traffic from my VPS to my computer as though it were a router with open ports.
Hopefully someone more knowledgeable than me can chime in and give clarification.
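
Added example, not part of either post: a narrower variant of the rules above that fits the original question, forwarding only TCP 80 and 443 instead of the whole 1:65535 range, and source-NATing into the tunnel so replies from node A come back through wg0. It assumes eth0, wg0 and 10.0.0.2 as in the post above; the `APPLY` switch and the function names are illustrative.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: eth0, wg0 and 10.0.0.2 as in
# the post above; APPLY, run, valid_port and forward_rules are illustrative.
# Dry run by default: prints the commands. Run as root with APPLY=1 to execute.
PUB_IF="${PUB_IF:-eth0}"    # public interface on the VPS (node B)
WG_IF="${WG_IF:-wg0}"       # WireGuard interface
PEER="${PEER:-10.0.0.2}"    # tunnel address of node A
PORTS="${PORTS:-80 443}"    # only the ports that should be reachable

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

forward_rules() {
    # Validate everything first so a typo never leaves a half-applied rule set.
    for p in $PORTS; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    run sysctl -w net.ipv4.ip_forward=1
    for p in $PORTS; do
        # Rewrite the destination for this port only, not 1:65535.
        run iptables -t nat -A PREROUTING -i "$PUB_IF" -p tcp --dport "$p" \
            -j DNAT --to-destination "$PEER:$p"
        run iptables -A FORWARD -i "$PUB_IF" -o "$WG_IF" -p tcp -d "$PEER" \
            --dport "$p" -j ACCEPT
    done
    # Return traffic for connections conntrack already knows about.
    run iptables -A FORWARD -i "$WG_IF" -o "$PUB_IF" \
        -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    # Source-NAT into the tunnel so node A replies via wg0. Node A then sees
    # the VPS's tunnel address as the client, not the real client IP.
    run iptables -t nat -A POSTROUTING -o "$WG_IF" -p tcp -d "$PEER" -j MASQUERADE
}

forward_rules
```

Without the MASQUERADE on wg0, node A has to route its replies back through the tunnel itself, otherwise they leave via its own default route and the connection never completes.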
Yeah, I had pain dealing with iptables, which is why I decided to ask folks here what they use. I finally went with the NGINX stream module. It’s very easy to use and I didn’t have to mess up my firewall rules this way.