I have an unprivileged Linux container set up to use a WireGuard interface in the container. On the VPN provider, I have a port forward set up for this container. I cannot seem to connect to the forwarded port in the container. By contrast, when I ran the container as a privileged setup, the port forward worked just fine. The firewall rules in the container are identical, so I am thinking that there is something I need to define in the container’s config. Am I correct? Note - everything else in the container works as expected.
For reference, the container config:
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf
lxc.arch = aarch64
# Container specific configuration
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.veth.vlan.id = 10
lxc.net.0.ipv4.address = 10.9.8.252/24
lxc.net.0.ipv4.gateway = 10.9.8.1
lxc.net.0.flags = up
lxc.rootfs.path = overlay:/mnt/data/lxc/base/rootfs:/mnt/data/lxc/mars/overlay/delta
lxc.uts.name = mars