@@ 140,6 140,8 @@ include "/etc/nftables/proxy.nft"
This firewall rule will NOT close SSH access. If you have publicly available SSH, that is a bad idea, and you should adjust `allowed_tcp_dports` to not include SSH. This default configuration will only pass through HTTP and HTTPS. Adjust `allowed_tcp_dports` to allow your TCP port, and `allowed_udp_dports` to allow your UDP port. In the first file, use the example HTTP/HTTPS configuration to forward another port. Keep in mind that this port forwarding will take priority! If you have SSH open to the VPS and you try forwarding SSH, you WILL lose SSH access!
+Add the line `include /etc/nftables/main.nft;` at the end of the file `/etc/nftables.conf`, then run `sudo sysctl -w net.ipv4.ip_forward=1`. Restart nftables: `sudo systemctl restart nftables`.
+
## Step 4: Set Up Wireguard
First, set up the Wireguard keys. On the cloud VM, run this command as root:
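Review bot: The added instruction writes the include path unquoted (`include /etc/nftables/main.nft;`), while the include visible in the hunk header, `include "/etc/nftables/proxy.nft"`, is quoted. nft expects the include path as a quoted string, so the line should read `include "/etc/nftables/main.nft"`. In the same added line, `sudo sysctl -w net.ipv4.ip_forward=1` only changes the running kernel and is lost on reboot, so forwarding stops after the VPS restarts. Suggest also telling the reader to persist `net.ipv4.ip_forward = 1` in a file under `/etc/sysctl.d/`. Since the paragraph just above warns about losing SSH access, it would also help to have the reader check the ruleset with `sudo nft -c -f /etc/nftables.conf` before running `sudo systemctl restart nftables`.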