Incoming Traffic

[nomisma-qt]

So, i'm running TrailOfBits / algo on a VPS server. On my home setup i'm running OPNsense with WG, and on phone i run Rethink.

VPS server WG interface is 10.49.0.1.
OPNsense WG interface is 10.49.0.2
Rethink WG interface is 10.49.0.3

Desktop computer behind OPNsense is 192.168.1.10

On the VPS, traffic between clients is allowed.

I can successfully do a iperf3 test from phone to desktop, by creating a NAT forwarding rule on OPNsense for incoming iperf3 traffic port 5201/TCP on OPNsense WG interface, ie source is 10.49.0.3, destination is 10.49.0.2, and 10.49.0.2 port 5201/TCP is forwarded to 192.168.1.10.

But how does Rethink work with incoming traffic? I'm trying to run iperf3 in server mode on the phone.

Doing ifconfig on my phone shows 2 interfaces, 'rmnet_data2' and 'tun0' (no wifi or bluetooth, 4G network only)

Am i correct to assume that i would need somekind of NAT port forwarding on the phone as well, to redirect incoming WG traffic to one of those two interfaces, that termux/iperf3 is actually listening on?

I have yet to test with something other that Termux, for example a simple http server or something, but just wanted to ask in general how rethink works regarding this?

[ignoramous]

Am i correct to assume that i would need somekind of NAT port forwarding on the phone as well, to redirect incoming WG traffic to one of those two interfaces, that termux/iperf3 is actually listening on?

Yes, that's my guess as well. Rethink, today, has no support for Port Forwarding (nor does it play nice with hole-punching UDP).

I have yet to test with something other that Termux, for example a simple http server or something, but just wanted to ask in general how rethink works regarding this?

You'll have to "Exclude" Termux from Rethink, if you're going to run a TCP / UDP server in it, that you want to be able to connect to.