Hi trendy, thank you for the suggestion. I will look into OpenWrt for my next project, but for now I’d like to adjust the current DietPi installation to my needs. I understand that this is a matter of configuring iptables and iproute2?
Update: Ok, miraculously I seem to have got this partially working using iptables. Now I have access from my phone with WireGuard to the services on the raspberry, even with dietpi-vpn killswitch on. It would be nice to have an internet connection as well.
The rules I added (hope this doesn’t defeat the purpose of the killswitch):
sudo iptables -A INPUT -d 10.0.0.0/8 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 51820 -j ACCEPT
sudo iptables -A OUTPUT -o eth0 -p udp --sport 51820 -j ACCEPT
sudo iptables -A OUTPUT -o wg0 -j ACCEPT