From 588f1218c2ed7c23804d7800fa7b88b4188734f5 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Mon, 16 Oct 2023 22:26:29 +0200
Subject: [PATCH] htz-cloud.wireguard: fix firewall

---
 nodes/htz-cloud/wireguard.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/nodes/htz-cloud/wireguard.py b/nodes/htz-cloud/wireguard.py
index cdd0519..10af696 100644
--- a/nodes/htz-cloud/wireguard.py
+++ b/nodes/htz-cloud/wireguard.py
@@ -38,11 +38,13 @@ nodes['htz-cloud.wireguard'] = {
             },
         },
         'nftables': {
-            'input': {
+            'forward': {
                 '50-router': [
                     'ct state { related, established } accept',
                     'oifname eth0 accept',
                 ],
+            },
+            'input': {
                 '50-wireguard': [
                     'udp dport 1194 accept',
                 ],