I would really appreciate it if someone would double check me. Sorry for the screenshot. Either the Lemmy code button isn’t great or I’m just dum at formatting.
This has local *arr servers available and traceroute shows me going through the VPN.
The largest blue blotch is the ip address of a mullvad vpn server.
Rpi4, Raspberry Pi OS lite.
Mullvad VPN. IPv6 has been nuked. Using Wireguard through wg-quick.
wg2 originates from a .conf file from Mullvad with IPv6 stripped.
Do these UFW settings look right?
Just did some reading as it has been many years since I did firewall… looks like dns is mostly UDP, but fails over to TCP if the dns reply exceeds 512bytes.