bundle/wireguard: fix firewall for home.router

bundles/wireguard/metadata.py

@@ -226,7 +226,9 @@ def firewall(metadata):
         except NoSuchNode:  # roadwarrior
             ports['{}/udp'.format(config['my_port'])] = atomic(set(metadata.get('wireguard/restrict-to', set())))
         else:
-            ports['{}/udp'.format(config['my_port'])] = atomic({name})
+            ports['{}/udp'.format(config['my_port'])] = atomic(
+                set(repo.libs.s2s.WG_AUTOGEN_SETTINGS.get(name, {}).get('firewall', set())) | {name}
+            )
 
     return {
         'firewall': {

libs/s2s.py

@@ -23,6 +23,7 @@ WG_AUTOGEN_NODES = [
 WG_AUTOGEN_SETTINGS = {
     # special settings to apply when peering with a specific node
     'home.router': {
+        'firewall': {'versatel'},
         'no_autoconnect': True,
         'persistent_keepalive': False,
     },