Always allow inbound wireguard

modules/router/default.nix

@@ -226,11 +226,6 @@ in
             elements = { 22, 3128 }
           }
 
-          set internal_access_udp {
-            type inet_service; flags interval;
-            elements = { 51820 }
-          }
-
           set network_required_udp {
             type inet_service; flags interval;
             elements = { 53, 67, 68, 546, 547 }
@@ -331,13 +326,7 @@ in
               $WAN : jump rate_limit
             }
 
-            udp dport @internal_access_udp ct state new iifname vmap {
+            udp dport 51820 ct state new accept comment "Allow wireguard"
-              $BRIDGE : accept,
-              $WG0 : accept,
-              $DEVICES : jump reject_politely,
-              $WIFI : jump rate_limit,
-              $WAN : jump rate_limit
-            }
 
             udp dport @network_required_udp ct state new accept comment "Allow internal network required stuff"