table filter {
	set http_ratelimit { type ipv4_addr; timeout 1s; flags dynamic; } 
	chain input		{ type filter hook input priority 0;policy drop;}
	chain forward		{ type filter hook forward priority 0;
				iifname wg0 accept;
				iifname enp11s0 accept;
				ct status dnat accept;
				}
	chain output		{ type filter hook output priority 0;  }
}

table nat {
	chain prerouting {  type nat hook prerouting priority -100; policy accept;}
	chain postrouting {  type nat hook postrouting priority 100;
	iifname wg0 oifname enp11s0 masquerade;
	iifname enp11s0 oifname wg0 masquerade;
	}
}