New wg and swgp config for route all traffic to ca

Change swgp port to avoid server client same port error. New wg default
route all traffic to ca with wg_ca. Only accept direct connect from insp
when wg0 is enabled.

3 files changed, 2 insertions, 1 deletions

diff --git a/etc/nftables.conf b/etc/nftables.conf
index 5adbf28a..5c668feb 100644
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -29,7 +29,7 @@ table inet my_table {
 		#udp dport qbt accept
 		#tcp dport iperf3 accept
 		#udp dport wireguard accept
-		udp dport swgp accept
+		udp dport swgp-aa-server accept
 
 		pkttype host limit rate 5/second counter reject with icmpx type admin-prohibited
 		counter comment "count any other traffic"
diff --git a/etc/services b/etc/services
index 91a89df2..a248bb3d 100644
--- a/etc/services
+++ b/etc/services
@@ -11514,3 +11514,4 @@ wireguard       49432/udp
 ssh-isp         49812/tcp
 iperf3          53497/tcp
 swgp            54635/udp
+swgp-aa-server  54636/udp
diff --git a/etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service b/etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service
index 0a92cb9a..0a92cb9a 120000
--- a/etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service
+++ b/etc/systemd/system/multi-user.target.wants/wg-quick@wg_ca.service