From 44546885279df144965ec44d66b7a859fb0d6a66 Mon Sep 17 00:00:00 2001 From: Dante Catalfamo Date: Sat, 30 Dec 2023 15:30:46 -0500 Subject: openbsd-wireguard-gateway: Fix typo and sentence placement --- content/posts/openbsd-wireguard-vpn-gateway/index.org | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/posts/openbsd-wireguard-vpn-gateway/index.org b/content/posts/openbsd-wireguard-vpn-gateway/index.org index cf41034..0496387 100644 --- a/content/posts/openbsd-wireguard-vpn-gateway/index.org +++ b/content/posts/openbsd-wireguard-vpn-gateway/index.org @@ -89,13 +89,13 @@ wgpeer PUBLICKEY wgaip 0.0.0.0/0 wgaip ::0/0 wgendpoint ENDPOINT 51820 !route -T 1 add -inet6 default YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY #+end_src +We can bring up the interface using the command =sh /etc/netstart wg0=. + Now that our interfaces are setup, we need to create the firewall rules that will take care of the routing and NAT. We use a couple macros here (=$ext_if= and =$vpn_if=) to make it easy to change the interface names if we ever have to. -We can bring up the interface using the command =sh /etc/netstart wg0=. - #+CAPTION: =/etc/pf.conf= #+begin_src conf set skip on lo @@ -131,7 +131,7 @@ Let's break down this file line by line. - =vpn_if = "wg0"= Create a macro for the VPN interface. - =pass in quick on $ext_if proto tcp from $ext_if:network to self port 22= Here we allow any traffic directly addressing our server on - TDP port 22 to pass in without any further rule evaluations. This + TCP port 22 to pass in without any further rule evaluations. This lets us SSH into our server without the packets being put into the VPN routing table. - =pass out on $ext_if from self= This lets us connect to the internet -- cgit v1.2.3
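Review bot: in the first hunk (@@ -89,13 +89,13 @@), the unchanged context line "!route -T 1 add -inet6 default YYYY:YYYY:YYYY:YYYY:YYYY:YYYY:YYYY" shows a placeholder with seven groups, while a fully written IPv6 address has eight. A reader who substitutes group by group ends up with a short address, so add the eighth YYYY while this block is being touched. In the same hunk, the context line "Now that our interfaces are setup" uses "setup" as a verb; since this commit is a wording pass, change it to "set up". The moved sentence itself reads fine in its new position directly after the interface configuration it refers to.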
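Review bot: in the second hunk (@@ -131,7 +131,7 @@), the bullet for "pass in quick on $ext_if proto tcp from $ext_if:network to self port 22" still describes the rule as allowing "any traffic directly addressing our server", but the rule's source is $ext_if:network, so it only matches hosts on the network attached to the external interface. While correcting TDP to TCP, tighten the sentence to say that SSH is accepted from that network only, so readers do not assume port 22 is open to arbitrary sources or widen the rule to match the prose. It would also help to name "quick" as the keyword that stops further rule evaluation, since the text describes the effect without tying it to the keyword.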