fix...

Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>

host/templates/pve/etc/firewall/cluster.fw

@@ -7,7 +7,7 @@ enable: 1
 
 [RULES]
 
-IN ACCEPT -i vmbr3 -log nolog # STUB
+IN ACCEPT -i vmbr3 -log nolog # ADMIN
 IN REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
 IN REJECT -i vmbr0 -p udp -dport 67 -sport 67 -log nolog # dhcp
 OUT REJECT -i vmbr0 -p udp -dport 68 -sport 68 -log nolog # dhcp
@@ -17,6 +17,8 @@ OUT DHCPfwd(REJECT) -i vmbr0 -log nolog
 IN DNS(ACCEPT) -i vmbr0 -log nolog
 IN Ping(ACCEPT) -i vmbr0 -log nolog
 IN SSH(ACCEPT) -i vmbr0 -log nolog
+IN ACCEPT -i vmbr0 -p udp -dport 51820 -log nolog # Wireguard
+IN ACCEPT -i vmbr0 -p udp -dport 51821 -log nolog # Wireguard (alt)
 |IN OpenVPN(ACCEPT) -i vmbr0 -log nolog
 IN Web(ACCEPT) -i vmbr0 -log nolog
 IN ACCEPT -i vmbr0 -p udp -dport 22027 -log nolog # syncthing

wireguard/make.sh

@@ -52,13 +52,15 @@ xread "Wireguard endpoint port: " ENDPOINT_PORT
 CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16}
 ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}}
 
+DNS=${DNS:-${NS_LAN_IP:-${DFL_NS_LAN_IP}}}
+DNS=${DNS/\/*}
+xread "Local network DNS:" DNS
+
 xreadYes "Show profile as QRcode when done?" QRCODE
 
 readVars
 
 
-DNS=${NS_LAN_IP/\/*}
-
 
 
 #----------------------------------------------------------------------