And how to isolate user devices from each other?
Still working my way through the new docker update…
But I would imagine that this would work:
iptables -I FORWARD -i wg-firezone -o wg-firezone -j REJECT --reject-with icmp-adm-prohibited
untested… but…