I would really appreciate it if someone would double check me. Sorry for the screenshot. Either the Lemmy code button isn’t great or I’m just dum at formatting.

This has local *arr servers available and traceroute shows me going through the VPN.

The largest blue blotch is the ip address of a mullvad vpn server.

Rpi4, Raspberry Pi OS lite.

Mullvad VPN. IPv6 has been nuked. Using Wireguard through wg-quick.

wg2 originates from a .conf file from Mullvad with IPv6 stripped.

Do these UFW settings look right?

  • Machinist@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’ve got 53 and 5353 open so that DNS will work for my local network when connecting to *arr and jellyfin.

    I.E. type raspberrypi:8989 in a browser to bring up Sonarr.

    Should I restrict to UDP?

    • kowcop
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Just did some reading as it has been many years since I did firewall… looks like dns is mostly UDP, but fails over to TCP if the dns reply exceeds 512bytes.