fix: add forwarding rule for netbird -> home

hosts/ward/guests/home-gateway.nix

@@ -1,4 +1,16 @@
 {nodes, ...}: {
+  # Forwarding required to masquerade netbird network
+  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+
+  wireguard.proxy-home.client.via = "ward";
+
+  networking.nftables.chains.forward.from-netbird = {
+    after = ["conntrack"];
+    rules = [
+      "iifname wt-home oifname lan accept"
+    ];
+  };
+
   environment.persistence."/persist".directories = [
     {
       directory = "/var/lib/netbird-home";