author | Dante Catalfamo | 2023-12-30 01:32:54 -0500 |
---|---|---|
committer | Dante Catalfamo | 2023-12-30 01:33:14 -0500 |
commit | a7ff1b1ff9fa6eea8301088b2d98cf7536771694 (patch) | |
tree | b7e4125ceff312e3aa4eb9f1e2866efc699a5f29 /content | |
parent | 920e7ad804380ce17c4a0bbfa51cbe077787caa0 (diff) | |
openbsd-wireguard-gateway: Update diagram and caption paths
Diffstat (limited to 'content')
-rw-r--r-- | content/posts/openbsd-wireguard-vpn-gateway/index.org | 10 | ||||
-rw-r--r-- | content/posts/openbsd-wireguard-vpn-gateway/tex/diagram.tex | 26 |
2 files changed, 19 insertions, 17 deletions
diff --git a/content/posts/openbsd-wireguard-vpn-gateway/index.org b/content/posts/openbsd-wireguard-vpn-gateway/index.org index 3f27707..8a3ee30 100644 --- a/content/posts/openbsd-wireguard-vpn-gateway/index.org +++ b/content/posts/openbsd-wireguard-vpn-gateway/index.org @@ -39,7 +39,7 @@ Here's a diagram of what we're building. The first step in the process is getting the VPN profile from the VPN provider. It should look something like the following. -#+CAPTION: profile.conf +#+CAPTION: =profile.conf= #+begin_src conf [Interface] PrivateKey = PRIVATEKEY @@ -56,7 +56,7 @@ We then have to rewrite it into OpenBSD's =hostname.if(5)= format. We'll call it =/etc/hostname.wg0= to create a Wireguard interface and execute the following commands when it's created. -#+CAPTION: /etc/hostname.wg0 +#+CAPTION: =/etc/hostname.wg0= #+begin_src conf inet XX.XX.XX.XX/32 inet6 YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY/128 @@ -71,7 +71,7 @@ config file. Lines beginning with =!= are commands that are run as root when the interface is being created. In this case our new routing table (rtable) will be number 1. The default routing table is number 0. -#+CAPTION: /etc/hostname.wg0 +#+CAPTION: =/etc/hostname.wg0= #+begin_src conf inet XX.XX.XX.XX/32 inet6 YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY/128 @@ -89,7 +89,7 @@ interface names if we ever have to. We can bring up the interface using the command =sh /etc/netstart wg0=. -#+CAPTION: /etc/pf.conf +#+CAPTION: =/etc/pf.conf= #+begin_src conf set skip on lo @@ -140,7 +140,7 @@ We can apply the file without rebooting with the command =pfctl -f /etc/pf.conf= Finally we need to make sure our machine will forward traffic. We can do this by adding a line to our =sysctl.conf(5)= file. -#+CAPTION: /etc/sysctl.conf +#+CAPTION: =/etc/sysctl.conf= #+begin_src conf net.inet.ip.forwarding=1 #+end_src diff --git a/content/posts/openbsd-wireguard-vpn-gateway/tex/diagram.tex b/content/posts/openbsd-wireguard-vpn-gateway/tex/diagram.tex index 6271044..a14ab90 100644 
--- a/content/posts/openbsd-wireguard-vpn-gateway/tex/diagram.tex
+++ b/content/posts/openbsd-wireguard-vpn-gateway/tex/diagram.tex
@@ -2,19 +2,21 @@
 \usepackage{tikz}
 \begin{document}
 \begin{tikzpicture}
- % \node (server) at (0,0) {server};
+ \draw[red] (-4,4.5) -- +(1,0) node[right,node font=\tiny] {incoming};
+ \draw[orange] (-4,4.25) -- +(1,0) node[right,node font=\tiny] {rtable 1};
+ \draw (-4,4) -- +(1,0) node[right,node font=\tiny] {rtable 0};
 \node (wg0) at (0,0) {wg0};
- \node (vio0) at (0, 1) {vio0};
- \node (pf) at (2, 1) {pf};
- \node (client) at (-2, 1) {client};
- \node (internet) at (3, 3) {internet};
- \node (program) at (4, 0) {program};
- \draw[->,blue] (client) -- (vio0);
- \draw[->] (vio0) -- (pf);
- \draw[->,orange] (pf) -- (wg0);
- \draw[->,orange] (wg0) -- (vio0);
- \draw[->,blue] (vio0) -- (internet);
- \draw[->,orange] (program) -- (wg0);
+ \node (vio0) at (0, 2) {vio0};
+ \node (pf) at (4, 2) {pf};
+ \node (client) at (-4, 2) {client};
+ \node (internet) at (0, 5) {internet};
+ \draw (-1, 2.5) rectangle (5,-0.5);
+ \node (server) at (2,2.7) {VPN Server};
+ \draw[->,red] (client) -- (vio0);
+ \draw[->,red] (vio0) -- (pf);
+ \draw[->,orange] (pf) -- node[above,sloped] {NAT} (wg0);
+ \draw[->] (wg0) -- (vio0);
+ \draw[->] (vio0) -- (internet);
 \end{tikzpicture}
 \end{document}
 %%% Local Variables: |
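Review bot: The box label added by `\node (server) at (2,2.7) {VPN Server};` reads as if the rectangle were the VPN provider's endpoint, while the nodes it encloses (`wg0`, `vio0`, `pf`) appear to be the gateway's own interfaces and packet filter; a label such as `{OpenBSD gateway}` would keep the trust boundary unambiguous. The black `wg0` to `vio0` arrow is presumably the encapsulated tunnel traffic leaving through rtable 0, but unlike the `NAT` edge it carries no label, so a reader cannot tell it apart from cleartext; consider `\draw[->] (wg0) -- node[right,node font=\tiny] {encrypted} (vio0);`. The three legend lines also repeat `right,node font=\tiny`, so a comment such as `% legend: line colour = routing table` above them, or a shared style, would make later edits safer.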