root@DietPi:~# ip -4 addr; ip -4 ro list table all; ip -4 ru; iptables-save -c
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.10.5/24 brd 192.168.10.255 scope global eth0
valid_lft forever preferred_lft forever
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
inet 10.6.0.1/24 scope global wg0
valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
14: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 500
inet 10.17.0.12/16 scope global tun0
valid_lft forever preferred_lft forever
0.0.0.0/1 via 10.17.0.1 dev tun0
default via 192.168.10.1 dev eth0 onlink
10.6.0.0/24 dev wg0 proto kernel scope link src 10.6.0.1
10.17.0.0/16 dev tun0 proto kernel scope link src 10.17.0.12
128.0.0.0/1 via 10.17.0.1 dev tun0
169.150.218.70 via 192.168.10.1 dev eth0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.5
local 10.6.0.1 dev wg0 table local proto kernel scope host src 10.6.0.1
broadcast 10.6.0.255 dev wg0 table local proto kernel scope link src 10.6.0.1
local 10.17.0.12 dev tun0 table local proto kernel scope host src 10.17.0.12
broadcast 10.17.255.255 dev tun0 table local proto kernel scope link src 10.17.0.12
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 172.17.0.1 dev docker0 table local proto kernel scope host src 172.17.0.1
broadcast 172.17.255.255 dev docker0 table local proto kernel scope link src 172.17.0.1
local 192.168.10.5 dev eth0 table local proto kernel scope host src 192.168.10.5
broadcast 192.168.10.255 dev eth0 table local proto kernel scope link src 192.168.10.5
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
# Generated by iptables-save v1.8.7 on Sat Apr 22 08:09:26 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
[2532690:2916344140] -A FORWARD -j DOCKER-USER
[2532690:2916344140] -A FORWARD -j DOCKER-ISOLATION-STAGE-1
[0:0] -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -o docker0 -j DOCKER
[0:0] -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
[0:0] -A FORWARD -i docker0 -o docker0 -j ACCEPT
[0:0] -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 2525 -j ACCEPT
[0:0] -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
[2532690:2916344140] -A DOCKER-ISOLATION-STAGE-1 -j RETURN
[0:0] -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
[0:0] -A DOCKER-ISOLATION-STAGE-2 -j RETURN
[3627671:4237369580] -A DOCKER-USER -j RETURN
COMMIT
# Completed on Sat Apr 22 08:09:26 2023
# Generated by iptables-save v1.8.7 on Sat Apr 22 08:09:26 2023
*nat
:PREROUTING ACCEPT [1261303:157504509]
:INPUT ACCEPT [1243120:151148706]
:OUTPUT ACCEPT [751071:61306343]
:POSTROUTING ACCEPT [751071:61306343]
:DOCKER - [0:0]
[871756:106443388] -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
[0:0] -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
[0:0] -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
[18183:6355803] -A POSTROUTING -s 10.6.0.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
[0:0] -A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 2525 -j MASQUERADE
[0:0] -A DOCKER -i docker0 -j RETURN
[0:0] -A DOCKER ! -i docker0 -p tcp -m tcp --dport 2520 -j DNAT --to-destination 172.17.0.2:2525
COMMIT
# Completed on Sat Apr 22 08:09:26 2023