I would really appreciate it if someone would double check me. Sorry for the screenshot. Either the Lemmy code button isn’t great or I’m just dum at formatting.
This has local *arr servers available and traceroute shows me going through the VPN.
The largest blue blotch is the ip address of a mullvad vpn server.
Rpi4, Raspberry Pi OS lite.
Mullvad VPN. IPv6 has been nuked. Using Wireguard through wg-quick.
wg2 originates from a .conf file from Mullvad with IPv6 stripped.
Do these UFW settings look right?
No, you should keep both udp and tcp port 53 open going out. blocking dns vc/tcp will result in dns being partially broken.