even betterer than this, i just discovered that i also have a direct port out to my vps point on its subnet
comes for free with the port forwarding... i can't reach the middleman servers by their client IPs but that doesn't really matter because such a path is circuitous
the biggest thing this solves for my situation is now i have a back-end home server that has a wireguard tunnel with sub 5ms ping, where my local back-end services run, and where before i had them all connected out to the VPS, routing to them is an out-and-back which for my bulgarian VPS is almost 200ms, like being in the old days in the noughties connecting to USA servers, but it's only 100ms by direct
so i get the best of both, and it's easy af to set up
i could now theoretically do the same thing to the VPS and forward its outbound traffic to yet another VPS elsewhere, probably some fancy script i can find where i put it into a russian-friendly data centre location, and use geoip to split-forward my traffic so i can access both sides of the new iron curtain... it's a real thing btw... i had a VPS in kazakhstan with wireguard connected to it and i gave up on it because so many websites blocked my access because from hostile zone lol