GET https://kbin.spritesserver.nl/u/@RxBrad@lemmy.today/top

Response
200 OK
IP
18.220.18.186
Profiled on
Token
b4cf25

Security

Token

There is no security token.

Firewall

main Name
Security enabled
Stateless

Configuration

Key Value
provider security.user.provider.concrete.app_user_provider
context main
entry_point App\Security\KbinAuthenticator
user_checker App\Security\UserChecker
access_denied_handler (none)
access_denied_url (none)
authenticators 
[
  "two_factor"
  "remember_me"
  "App\Security\KbinAuthenticator"
  "App\Security\FacebookAuthenticator"
  "App\Security\GoogleAuthenticator"
  "App\Security\GithubAuthenticator"
  "App\Security\KeycloakAuthenticator"
]

Listeners

Listener Duration Response 
Symfony\Component\Security\Http\Firewall\ChannelListener {#723
  -map: Symfony\Component\Security\Http\AccessMap {#722 …}
  -logger: Monolog\Logger {#783 …}
  -httpPort: 80
  -httpsPort: 443
}
 0.00 ms (none) 
Symfony\Component\Security\Http\Firewall\ContextListener {#706
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage {#1017 …}
  -sessionKey: "_security_main"
  -logger: Monolog\Logger {#783 …}
  -userProviders: Symfony\Component\DependencyInjection\Argument\RewindableGenerator {#705 …}
  -dispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …}
  -registered: false
  -trustResolver: Scheb\TwoFactorBundle\Security\Authentication\AuthenticationTrustResolver {#780 …}
  -sessionTrackerEnabler: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage::enableUsageTracking(): void {#703 …}
}
 0.51 ms (none) 
Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener {#584
  -authenticatorManager: Symfony\Component\Security\Http\Authentication\AuthenticatorManager {#595 …}
}
 0.00 ms (none) 
Scheb\TwoFactorBundle\Security\Http\Firewall\TwoFactorAccessListener {#582
  -twoFactorFirewallConfig: Scheb\TwoFactorBundle\Security\TwoFactor\TwoFactorFirewallConfig {#842 …}
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -twoFactorAccessDecider: Scheb\TwoFactorBundle\Security\Authorization\TwoFactorAccessDecider {#581 …}
}
 0.05 ms (none) 
Symfony\Component\Security\Http\Firewall\AccessListener {#579
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -accessDecisionManager: Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager {#937 …}
  -map: Symfony\Component\Security\Http\AccessMap {#722 …}
}
 0.00 ms (none) 
Symfony\Component\Security\Http\Firewall\LogoutListener {#786
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -options: [
    "csrf_parameter" => "_csrf_token"
    "csrf_token_id" => "logout"
    "logout_path" => "app_logout"
  ]
  -httpUtils: Symfony\Component\Security\Http\HttpUtils {#841 …}
  -csrfTokenManager: Symfony\Component\Security\Csrf\CsrfTokenManager {#1015 …}
  -eventDispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …}
}
 0.00 ms (none)

Authenticators

No authenticators have been recorded. Check previous profiles on your authentication endpoint.

Access Decision

affirmative Strategy
# Voter class
1 
"Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter"
2 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
3 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
4 
"Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter"
5 
"App\Security\Voter\EntryCommentVoter"
6 
"App\Security\Voter\EntryVoter"
7 
"App\Security\Voter\MagazineVoter"
8 
"App\Security\Voter\MessageThreadVoter"
9 
"App\Security\Voter\MessageVoter"
10 
"App\Security\Voter\NotificationVoter"
11 
"App\Security\Voter\OAuth2UserConsentVoter"
12 
"App\Security\Voter\PostCommentVoter"
13 
"App\Security\Voter\PostVoter"
14 
"App\Security\Voter\UserVoter"

Access decision log

# Result Attributes Object
1 DENIED ROLE_USER 
null
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
2 DENIED moderate 
Proxies\__CG__\App\Entity\Entry {#1549
  +user: Proxies\__CG__\App\Entity\User {#2372 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
  +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
  +title: "Issues forwarding traffic through a wireguard connection"
  +url: null
  +body: """
    I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
    \n
    After stopping rinetd, adding these rules to the public server’s wg config\n
    \n
    ```\n
    \n
    <span style="color:#323232;"># packet forwarding\n
    </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># port forwarding\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># packet masquerading\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
    </span>\n
    ```\n
    \n
    and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
    \n
    Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 1
  +favouriteCount: 11
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1711497033 {#1596
    date: 2024-03-27 00:50:33.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#2462 …}
  +votes: Doctrine\ORM\PersistentCollection {#2461 …}
  +reports: Doctrine\ORM\PersistentCollection {#2453 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
  +badges: Doctrine\ORM\PersistentCollection {#1628 …}
  +children: [
    App\Entity\EntryComment {#1665
      +user: App\Entity\User {#259 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1549 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
      +image: null
      +parent: null
      +root: null
      +body: """
        I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
        \n
        [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 0
      +score: 0
      +lastActive: DateTime @1704319347 {#1595
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@sxt@lemmy.world"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1550 …}
      +nested: Doctrine\ORM\PersistentCollection {#1525 …}
      +votes: Doctrine\ORM\PersistentCollection {#1527 …}
      +reports: Doctrine\ORM\PersistentCollection {#1526 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
      -id: 278870
      -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.today/comment/4459474"
      +editedAt: null
      +createdAt: DateTimeImmutable @1704319347 {#1612
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +"title": 278870
    }
  ]
  -id: 27027
  -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
  -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1704345698
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10283380"
  +editedAt: DateTimeImmutable @1727046721 {#1648
    date: 2024-09-23 01:12:01.0 +02:00
  }
  +createdAt: DateTimeImmutable @1704316698 {#1680
    date: 2024-01-03 22:18:18.0 +01:00
  }
  +__isInitialized__: true
   …2
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS DENIED 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
3 DENIED edit 
Proxies\__CG__\App\Entity\Entry {#1549
  +user: Proxies\__CG__\App\Entity\User {#2372 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
  +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
  +title: "Issues forwarding traffic through a wireguard connection"
  +url: null
  +body: """
    I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
    \n
    After stopping rinetd, adding these rules to the public server’s wg config\n
    \n
    ```\n
    \n
    <span style="color:#323232;"># packet forwarding\n
    </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># port forwarding\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># packet masquerading\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
    </span>\n
    ```\n
    \n
    and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
    \n
    Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 1
  +favouriteCount: 11
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1711497033 {#1596
    date: 2024-03-27 00:50:33.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#2462 …}
  +votes: Doctrine\ORM\PersistentCollection {#2461 …}
  +reports: Doctrine\ORM\PersistentCollection {#2453 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
  +badges: Doctrine\ORM\PersistentCollection {#1628 …}
  +children: [
    App\Entity\EntryComment {#1665
      +user: App\Entity\User {#259 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1549 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
      +image: null
      +parent: null
      +root: null
      +body: """
        I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
        \n
        [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 0
      +score: 0
      +lastActive: DateTime @1704319347 {#1595
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@sxt@lemmy.world"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1550 …}
      +nested: Doctrine\ORM\PersistentCollection {#1525 …}
      +votes: Doctrine\ORM\PersistentCollection {#1527 …}
      +reports: Doctrine\ORM\PersistentCollection {#1526 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
      -id: 278870
      -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.today/comment/4459474"
      +editedAt: null
      +createdAt: DateTimeImmutable @1704319347 {#1612
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +"title": 278870
    }
  ]
  -id: 27027
  -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
  -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1704345698
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10283380"
  +editedAt: DateTimeImmutable @1727046721 {#1648
    date: 2024-09-23 01:12:01.0 +02:00
  }
  +createdAt: DateTimeImmutable @1704316698 {#1680
    date: 2024-01-03 22:18:18.0 +01:00
  }
  +__isInitialized__: true
   …2
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS DENIED 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
4 DENIED moderate 
Proxies\__CG__\App\Entity\Entry {#1549
  +user: Proxies\__CG__\App\Entity\User {#2372 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
  +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
  +title: "Issues forwarding traffic through a wireguard connection"
  +url: null
  +body: """
    I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
    \n
    After stopping rinetd, adding these rules to the public server’s wg config\n
    \n
    ```\n
    \n
    <span style="color:#323232;"># packet forwarding\n
    </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># port forwarding\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;"># packet masquerading\n
    </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
    </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
    </span>\n
    ```\n
    \n
    and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
    \n
    Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 1
  +favouriteCount: 11
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1711497033 {#1596
    date: 2024-03-27 00:50:33.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#2462 …}
  +votes: Doctrine\ORM\PersistentCollection {#2461 …}
  +reports: Doctrine\ORM\PersistentCollection {#2453 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
  +badges: Doctrine\ORM\PersistentCollection {#1628 …}
  +children: [
    App\Entity\EntryComment {#1665
      +user: App\Entity\User {#259 …}
      +entry: Proxies\__CG__\App\Entity\Entry {#1549 …2}
      +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
      +image: null
      +parent: null
      +root: null
      +body: """
        I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
        \n
        [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 0
      +score: 0
      +lastActive: DateTime @1704319347 {#1595
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@sxt@lemmy.world"
      ]
      +children: Doctrine\ORM\PersistentCollection {#1550 …}
      +nested: Doctrine\ORM\PersistentCollection {#1525 …}
      +votes: Doctrine\ORM\PersistentCollection {#1527 …}
      +reports: Doctrine\ORM\PersistentCollection {#1526 …}
      +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
      +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
      -id: 278870
      -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.today/comment/4459474"
      +editedAt: null
      +createdAt: DateTimeImmutable @1704319347 {#1612
        date: 2024-01-03 23:02:27.0 +01:00
      }
      +"title": 278870
    }
  ]
  -id: 27027
  -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
  -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1704345698
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10283380"
  +editedAt: DateTimeImmutable @1727046721 {#1648
    date: 2024-09-23 01:12:01.0 +02:00
  }
  +createdAt: DateTimeImmutable @1704316698 {#1680
    date: 2024-01-03 22:18:18.0 +01:00
  }
  +__isInitialized__: true
   …2
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS DENIED 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
5 DENIED ROLE_USER 
null
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
6 DENIED moderate 
App\Entity\EntryComment {#1665
  +user: App\Entity\User {#259 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1549
    +user: Proxies\__CG__\App\Entity\User {#2372 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
    +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
    +title: "Issues forwarding traffic through a wireguard connection"
    +url: null
    +body: """
      I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
      \n
      After stopping rinetd, adding these rules to the public server’s wg config\n
      \n
      ```\n
      \n
      <span style="color:#323232;"># packet forwarding\n
      </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># port forwarding\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># packet masquerading\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
      </span>\n
      ```\n
      \n
      and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
      \n
      Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 1
    +favouriteCount: 11
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1711497033 {#1596
      date: 2024-03-27 00:50:33.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#2462 …}
    +votes: Doctrine\ORM\PersistentCollection {#2461 …}
    +reports: Doctrine\ORM\PersistentCollection {#2453 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
    +badges: Doctrine\ORM\PersistentCollection {#1628 …}
    +children: [
      App\Entity\EntryComment {#1665}
    ]
    -id: 27027
    -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
    -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1704345698
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10283380"
    +editedAt: DateTimeImmutable @1727046721 {#1648
      date: 2024-09-23 01:12:01.0 +02:00
    }
    +createdAt: DateTimeImmutable @1704316698 {#1680
      date: 2024-01-03 22:18:18.0 +01:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
    \n
    [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 0
  +score: 0
  +lastActive: DateTime @1704319347 {#1595
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@sxt@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1550 …}
  +nested: Doctrine\ORM\PersistentCollection {#1525 …}
  +votes: Doctrine\ORM\PersistentCollection {#1527 …}
  +reports: Doctrine\ORM\PersistentCollection {#1526 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
  -id: 278870
  -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.today/comment/4459474"
  +editedAt: null
  +createdAt: DateTimeImmutable @1704319347 {#1612
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +"title": 278870
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
7 DENIED edit 
App\Entity\EntryComment {#1665
  +user: App\Entity\User {#259 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1549
    +user: Proxies\__CG__\App\Entity\User {#2372 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
    +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
    +title: "Issues forwarding traffic through a wireguard connection"
    +url: null
    +body: """
      I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
      \n
      After stopping rinetd, adding these rules to the public server’s wg config\n
      \n
      ```\n
      \n
      <span style="color:#323232;"># packet forwarding\n
      </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># port forwarding\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># packet masquerading\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
      </span>\n
      ```\n
      \n
      and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
      \n
      Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 1
    +favouriteCount: 11
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1711497033 {#1596
      date: 2024-03-27 00:50:33.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#2462 …}
    +votes: Doctrine\ORM\PersistentCollection {#2461 …}
    +reports: Doctrine\ORM\PersistentCollection {#2453 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
    +badges: Doctrine\ORM\PersistentCollection {#1628 …}
    +children: [
      App\Entity\EntryComment {#1665}
    ]
    -id: 27027
    -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
    -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1704345698
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10283380"
    +editedAt: DateTimeImmutable @1727046721 {#1648
      date: 2024-09-23 01:12:01.0 +02:00
    }
    +createdAt: DateTimeImmutable @1704316698 {#1680
      date: 2024-01-03 22:18:18.0 +01:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
    \n
    [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 0
  +score: 0
  +lastActive: DateTime @1704319347 {#1595
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@sxt@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1550 …}
  +nested: Doctrine\ORM\PersistentCollection {#1525 …}
  +votes: Doctrine\ORM\PersistentCollection {#1527 …}
  +reports: Doctrine\ORM\PersistentCollection {#1526 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
  -id: 278870
  -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.today/comment/4459474"
  +editedAt: null
  +createdAt: DateTimeImmutable @1704319347 {#1612
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +"title": 278870
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
8 DENIED moderate 
App\Entity\EntryComment {#1665
  +user: App\Entity\User {#259 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1549
    +user: Proxies\__CG__\App\Entity\User {#2372 …}
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#2422 …}
    +slug: "Issues-forwarding-traffic-through-a-wireguard-connection"
    +title: "Issues forwarding traffic through a wireguard connection"
    +url: null
    +body: """
      I am attempting to follow this [procustodibus.com/…/wireguard-port-forward-from-i…](https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet) to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)\n
      \n
      After stopping rinetd, adding these rules to the public server’s wg config\n
      \n
      ```\n
      \n
      <span style="color:#323232;"># packet forwarding\n
      </span><span style="color:#323232;">PreUp = sysctl -w net.ipv4.ip_forward=1\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># port forwarding\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;"># packet masquerading\n
      </span><span style="color:#323232;">PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE\n
      </span><span style="color:#323232;">PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE\n
      </span>\n
      ```\n
      \n
      and restarting the wg connection, I’m seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved [pastebin.com/0eNwhNKM](https://pastebin.com/0eNwhNKM) but I don’t really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I’m not sure.\n
      \n
      Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn’t include the latest version here [github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd) which *is* able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 1
    +favouriteCount: 11
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1711497033 {#1596
      date: 2024-03-27 00:50:33.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#2462 …}
    +votes: Doctrine\ORM\PersistentCollection {#2461 …}
    +reports: Doctrine\ORM\PersistentCollection {#2453 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1728 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1734 …}
    +badges: Doctrine\ORM\PersistentCollection {#1628 …}
    +children: [
      App\Entity\EntryComment {#1665}
    ]
    -id: 27027
    -titleTs: "'connect':7 'forward':2 'issu':1 'traffic':3 'wireguard':6"
    -bodyTs: "'/0enwhnkm](https://pastebin.com/0enwhnkm)':177 '/blog/2022/09/wireguard-port-forward-from-internet)':11 '/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':233 '/wireguard-port-forward-from-i':8 '1':83 '10.144.65.2':103,122 '443':97,116 '8443':104,123 'abl':236 'ad':66 'also':54 'attempt':3 'config':75 'conflict':171 'connect':34,150,222,240 'contain':243,252 'creat':202 'current':35 'd':109,140 'destin':102,121 'dnat':99,118 'docker':242,251 'doesn':224 'dport':96,115 'edit':211 'end':214 'enough':184 'ens3':93,112,157 'enter':161 'equival':262 'feel':166,194 'fix':191 'follow':5 'forward':13,52,57,77,82,85 'github.com':232 'github.com/samhocevar/rinetd](https://github.com/samhocevar/rinetd)':231 'go':187 'includ':226 'iptabl':87,106,127,137,172 'j':98,117,134,144 'know':183 'later':213 'latest':228 'like':167,195 'local':29 'look':45,55 'm':152,208 'make':254 'masquerad':125,135,145 'nat':89,108,129,139 'net.ipv4.ip':81 'none':160 'normal':49 'o':132,142 'one':201 'oracl':22 'p':94,113 'packet':76,124 'pastebin.com':176 'pastebin.com/0enwhnkm](https://pastebin.com/0enwhnkm)':175 'pivpn':204 'point':62 'port':18,26,84,158 'possibl':205 'postdown':105,136 'postrout':131,141 'prerout':91,110 'preup':78,86,126 'probabl':169,197 'procustodibus.com':7 'public':21,71 'realli':182 'redirect':256 'restart':147 'rinetd':41,65,218 'rough':261 'rule':68,173,200 'rxbrad':244 'save':174 'see':153 'server':30,72 'stop':64 'suggest':245 'sure':210 'sysctl':79 'tcp':95,114 'tcpdump':164 'to-destin':100,119 'traffic':14,53,59,154 'ubuntu':223 'udp':58,221,239 'use':40,217,246 'version':229,248 'via':163 'vps':23 'w':80 'way':50,212 'wg':74,149 'wg0':133,143,162 'what':186 'wireguard':33,199 'within':249 'www.procustodibus.com':10 'www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet)':9"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1704345698
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10283380"
    +editedAt: DateTimeImmutable @1727046721 {#1648
      date: 2024-09-23 01:12:01.0 +02:00
    }
    +createdAt: DateTimeImmutable @1704316698 {#1680
      date: 2024-01-03 22:18:18.0 +01:00
    }
    +__isInitialized__: true
     …2
  }
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1559 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    I’ve had good luck using this Docker container on both ends, using just a vanilla Ubuntu Oracle instance with the ports I need opened up.\n
    \n
    [github.com/…/docker-wireguard-tunnel](https://github.com/DigitallyRefined/docker-wireguard-tunnel)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 0
  +score: 0
  +lastActive: DateTime @1704319347 {#1595
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@sxt@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#1550 …}
  +nested: Doctrine\ORM\PersistentCollection {#1525 …}
  +votes: Doctrine\ORM\PersistentCollection {#1527 …}
  +reports: Doctrine\ORM\PersistentCollection {#1526 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1571 …}
  -id: 278870
  -bodyTs: "'/digitallyrefined/docker-wireguard-tunnel)':31 '/docker-wireguard-tunnel':28 'contain':9 'docker':8 'end':12 'github.com':27,30 'github.com/digitallyrefined/docker-wireguard-tunnel)':29 'good':4 'instanc':19 'luck':5 'need':24 'open':25 'oracl':18 'port':22 'ubuntu':17 'use':6,13 'vanilla':16 've':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.today/comment/4459474"
  +editedAt: null
  +createdAt: DateTimeImmutable @1704319347 {#1612
    date: 2024-01-03 23:02:27.0 +01:00
  }
  +"title": 278870
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
9 DENIED ROLE_ADMIN 
null
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
10 DENIED ROLE_MODERATOR 
null
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details