Setting up tinc and wireguard on pistar requires opening the network ports. The standard port for tinc is 655.
iptables -A INPUT -p udp -m udp --dport 655 -j ACCEPT
iptables -A OUTPUT -p udp -m udp --dport 655 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 51781 -j ACCEPT
iptables -A OUTPUT -p udp -m udp --dport 51781 -j ACCEPTFor a permanent opening of the ports at the lines above to /etc/iptables.rules without the iptables in front.
When pi-star is updated the /etc/iptables.rules are updated and ports are closed again. I am searching for a more permanent solution.
Update January 15th, 2025:
I checked my setup and now the user iptables rules are now needed to be put in /root/ipv4.fw and not anymore in /etc/iptables.rules.