diff --git a/Makefile b/Makefile
index 2988e5c..e8e5687 100644
--- a/Makefile
+++ b/Makefile
@@ -16,3 +16,13 @@ test-dns:
 @sudo route delete 8.8.8.8
 @sudo route add 8.8.8.8 -interface utun$(tun_num)
 @dig @8.8.8.8 hackclub.com
+
+test-https:
+ @sudo route delete 193.183.0.162
+ @sudo route add 193.183.0.162 -interface utun$(tun_num)
+ @curl -vv https://search.marginalia.nu
+
+test-http:
+ @sudo route delete 146.190.62.39
+ @sudo route add 146.190.62.39 -interface utun$(tun_num)
+ @curl -vv 146.190.62.39:80
diff --git a/burrow/src/apple.rs b/burrow/src/apple.rs
index 571b413..9fc0140 100644
--- a/burrow/src/apple.rs
+++ b/burrow/src/apple.rs
@@ -10,4 +10,4 @@ pub extern "C" fn initialize_oslog() {
 tracing_subscriber::registry().with(OsLogger::new("com.hackclub.burrow", "backend"));
 tracing::subscriber::set_global_default(collector).unwrap();
 debug!("Initialized oslog tracing in libburrow rust FFI");
-}
+}
\ No newline at end of file
diff --git a/burrow/src/wireguard/config.rs b/burrow/src/wireguard/config.rs
index d86486e..afe7499 100644
--- a/burrow/src/wireguard/config.rs
+++ b/burrow/src/wireguard/config.rs
@@ -101,7 +101,7 @@ impl Default for Config {
 },
 peers: vec![Peer {
 endpoint: "wg.burrow.rs:51820".into(),
- allowed_ips: vec!["8.8.8.8/32".into()],
+ allowed_ips: vec!["8.8.8.8/32".into(), "0.0.0.0/0".into()],
 public_key: "uy75leriJay0+oHLhRMpV+A5xAQ0hCJ+q7Ww81AOvT4=".into(),
 preshared_key: Some("s7lx/mg+reVEMnGnqeyYOQkzD86n2+gYnx1M9ygi08k=".into()),
 persistent_keepalive: Default::default(),
diff --git a/burrow/src/wireguard/iface.rs b/burrow/src/wireguard/iface.rs
index 281cc4a..ba175de 100755
--- a/burrow/src/wireguard/iface.rs
+++ b/burrow/src/wireguard/iface.rs
@@ -135,7 +135,7 @@ impl Interface {
 debug!("spawning read task for peer {}", i);
 let pcb = pcbs.pcbs[i].clone();
 let tun = tun.clone();
- let tsk = async move {
+ let main_tsk = async move {
 if let Err(e) = pcb.open_if_closed().await {
 log::error!("failed to open pcb: {}", e);
 return
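Review bot: `test-https` in the Makefile hunk routes only the literal 193.183.0.162 through `utun$(tun_num)` but lets curl resolve `search.marginalia.nu` through DNS, so if that host's address changes the request leaves by the normal route and the target still succeeds without exercising the tunnel. Pinning the address keeps the route and the request in step: `@curl -vv --resolve search.marginalia.nu:443:193.183.0.162 https://search.marginalia.nu`. Both new targets also leave the host route installed when they finish, and `test-http` gives no hint what 146.190.62.39 is; a one-line comment above each target naming the host would help the next reader.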
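Review bot: `Config::default()` in burrow/src/wireguard/config.rs now carries `0.0.0.0/0` in `allowed_ips`, so any caller that falls back to the default sends all IPv4 traffic to the hard-coded peer `wg.burrow.rs:51820`, using the public and preshared keys committed in the surrounding context lines. The existing `8.8.8.8/32` entry is redundant next to the catch-all, and there is no `::/0`, so IPv6 traffic would presumably stay outside the tunnel. If this default is meant for testing only, say so above the peer, e.g. `// TEST ONLY: full-tunnel default for the demo peer; do not ship with these keys`, or keep the catch-all out of `Default` and set it in the test configuration. The `impl Default` body starts and ends outside the hunk.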
@@ -147,8 +147,29 @@ impl Interface {
 debug!("pcb ran successfully");
 }
 };
+
+ let pcb = pcbs.pcbs[i].clone();
+ let update_timers_tsk = async move {
+ let mut buf = [0u8; 65535];
+ loop {
+ tokio::time::sleep(tokio::time::Duration::from_millis(250)).await;
+ pcb.update_timers(&mut buf).await;
+ }
+ };
+
+ let pcb = pcbs.pcbs[i].clone();
+ let reset_rate_limiter_tsk = async move {
+ loop {
+ tokio::time::sleep(tokio::time::Duration::from_secs(1)).await;
+ pcb.reset_rate_limiter().await;
+ }
+ };
+ tsks.extend(vec![
+ tokio::spawn(main_tsk),
+ tokio::spawn(update_timers_tsk),
+ tokio::spawn(reset_rate_limiter_tsk)
+ ]);
 debug!("task made..");
- tsks.push(tokio::spawn(tsk));
 }
 debug!("spawned read tasks");
 }
diff --git a/burrow/src/wireguard/noise/mod.rs b/burrow/src/wireguard/noise/mod.rs
index 6ece759..24f4fbb 100755
--- a/burrow/src/wireguard/noise/mod.rs
+++ b/burrow/src/wireguard/noise/mod.rs
@@ -346,6 +346,10 @@ impl Tunnel {
 self.handle_verified_packet(packet, dst)
 }
+ pub fn reset_rate_limiter(&self) {
+ self.rate_limiter.reset_count();
+ }
+
 pub(crate) fn handle_verified_packet<'a>(
 &mut self,
 packet: Packet,
diff --git a/burrow/src/wireguard/pcb.rs b/burrow/src/wireguard/pcb.rs
index a781870..c6ebaa6 100755
--- a/burrow/src/wireguard/pcb.rs
+++ b/burrow/src/wireguard/pcb.rs
@@ -1,6 +1,6 @@
 use std::{net::SocketAddr, sync::Arc};
-use anyhow::Error;
+use anyhow::{Error, Result};
 use fehler::throws;
 use ip_network::IpNetwork;
 use rand::random;
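Review bot: In the second burrow/src/wireguard/iface.rs hunk the `Result` returned by `pcb.update_timers(&mut buf).await` is discarded, so a failed `open_if_closed` or `socket.send` on the timer path is never logged and the loop simply tries again 250 ms later. Handle it the way the main task handles `open_if_closed`: `if let Err(e) = pcb.update_timers(&mut buf).await { log::error!("failed to update timers: {}", e); }`. Both new loops also have no exit condition, so anything that awaits every handle in `tsks` will not return while they run; whether `tsks` is joined is outside the hunk.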
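Review bot: `Tunnel::reset_rate_limiter` in burrow/src/wireguard/noise/mod.rs is added as `pub` with no doc comment, while the neighbouring `handle_verified_packet` is `pub(crate)`. The only caller in this commit is `PeerPcb::reset_rate_limiter` in the same crate, so `pub(crate)` looks sufficient. A doc line should state the contract the caller relies on, e.g. `/// Resets the rate limiter's count; the interface task calls this once per second.`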
@@ -132,4 +132,28 @@ impl PeerPcb {
 };
 Ok(())
 }
+
+ pub async fn update_timers(&self, dst: &mut [u8]) -> Result<(), Error> {
+ match self.tunnel.write().await.update_timers(dst) {
+ TunnResult::Done => {}
+ TunnResult::Err(e) => {
+ tracing::error!(message = "Update timers error", error = ?e)
+ }
+ TunnResult::WriteToNetwork(packet) => {
+ self.open_if_closed().await?;
+ let handle = self.socket.read().await;
+ let Some(socket) = handle.as_ref() else {
+ tracing::error!("No socket for peer");
+ return Ok(())
+ };
+ socket.send(packet).await?;
+ }
+ _ => panic!("Unexpected result from update_timers"),
+ };
+ Ok(())
+ }
+
+ pub async fn reset_rate_limiter(&self) {
+ self.tunnel.read().await.reset_rate_limiter();
+ }
 }
diff --git a/tun/src/tokio/mod.rs b/tun/src/tokio/mod.rs
index 947fb74..bd27109 100644
--- a/tun/src/tokio/mod.rs
+++ b/tun/src/tokio/mod.rs
@@ -26,7 +26,6 @@ impl TunInterface {
 }
 }
- #[instrument]
 pub async fn recv(&self, buf: &mut [u8]) -> io::Result {
 loop {
 let mut guard = self.inner.readable().await?;
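Review bot: In `PeerPcb::update_timers` (burrow/src/wireguard/pcb.rs) the guard from `self.tunnel.write().await` is a temporary in the `match` scrutinee, so it lives until the end of the `match` and the tunnel write lock stays held across `open_if_closed().await`, `self.socket.read().await` and `socket.send(packet).await`. Every other user of this peer's tunnel waits on that network send, and it would deadlock if `open_if_closed` ever takes the tunnel lock (not visible here). Binding the result first releases the lock before any await: `let result = self.tunnel.write().await.update_timers(dst);` followed by `match result {`; this assumes the returned `TunnResult` borrows only `dst`. Separately, the `_ => panic!(...)` arm would kill the spawned timer task, so timer updates for that peer stop; `_ => return Err(anyhow::anyhow!("unexpected result from update_timers")),` keeps the failure visible to the caller.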