Have a wireguard container, need to forward from eth0 to wg0

I have a wireguard container on a docker network, the docker network subnet is 10.18.0.0/16. The container ip is 10.18.0.2 and is receiving data on eth0, which I can see with tcpdump from within the container. I need to forward all data to the wg0 interface at 10.10.10.1 and from wg0 to eth0 (so bidirectional). I have tried the following:

docker exec --privileged wireguard sh -c "
sudo iptables -A FORWARD -i eth0 -o wg0 -j ACCEPT
sudo iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wg0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1
ip route add 10.10.10.0/24 dev wg0
"
And what is automatically generated for the server wg0 config:

[Interface]
Address = 10.10.10.1
ListenPort = 51820
PrivateKey =
PostUp = iptables -A FORWARD -i %i -j ACCEPT
; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT
; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE

[Peer]

peer1

PublicKey = 8qoHrFiwP3ZLKSoaSid8aSCd3UdzNK1rtG83bf1GG08=
PresharedKey = w2EcjRTa/xlNoEtKQGUWHJy+yOR4kSUTRIjaAzQImv0=
AllowedIPs = 10.10.10.2/32
and wg show:

root@65ba9c130b82:/# wg show

interface: wg0

public key: NGUwwvrxBkW6afwyiztMieUHOlBi/dIDxHEx8zHIP1M=

private key: (hidden)

listening port: 51820

peer: 8qoHrFiwP3ZLKSoaSid8aSCd3UdzNK1rtG83bf1GG08=

preshared key: (hidden)

endpoint: 10.254.254.75:63164

allowed ips: 10.10.10.2/32

latest handshake: 55 seconds ago

transfer: 936 B received, 600 B sent

My container:

Launch WireGuard container

if
! docker run -d --name wireguard
–privileged
–cap-add=NET_ADMIN
–cap-add=SYS_MODULE
–sysctl net.ipv4.conf.all.src_valid_mark=1
–sysctl net.ipv4.ip_forward=1
-e PUID=$(id -u)
-e PGID=$(id -g)
-e TZ=Etc/UTC
-e SERVERURL=auto
-e SERVERPORT=51820
-e PEERS=$NUM_PEERS
-e INTERNAL_SUBNET=10.10.10.0/24
-e ALLOWEDIPS=10.10.10.0/24
-e PEERDNS=auto
-v “$WIREGUARD_CONFIG_DIR:/config”
-p 51820:51820/udp
–restart unless-stopped
–network $NETWORK_NAME
lscr.io/linuxserver/wireguard:latest;
then
echo -e “${RED}Error: Failed to start WireGuard container.${RESET}”
exit 1

fi
I have tried many different things but nothing seems to work. No data is ever forwarded to wg0 or from wg0 to eth0. The wg0 interface is up and is communicating with the client, I can ping both ways over the wireguard link.

Any help is appreciated!