Well, I took the last week or so to watch/read hours of instructional material on the fundamentals of networking and I finally have the three core rules I needed to recreate ngrok via WireGuard (for my small web needs, at least).
Bloody hell, folks, this stuff should be (and can be) far easier.
A huge amount of the complexity is due to the atrocious interface design of tools like nftables (which, itself, is actually a huge improvement on the iptables that came before it).
Will write something up about it as a step towards simplifying all this for other folks but first I need to get a couple of my own tools back up and running under Fedora Silverblue (this should improve them for other distributions also as it violates some of the assumptions I had having worked solely on Ubuntu-based systems). So it’s a bit of yak shaving but, ultimately, constructive yak shaving that should benefit everything I produce from here on in and hopefully result in a new tool or two :)