From 45598f92e53df9869c187d3bf4dd6f07d4429c54 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics
Date: Tue, 28 Nov 2023 19:17:34 +0100
Subject: [PATCH] change fw
---
 hosts/fw.cloonar.com/modules/firewall.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix
index 12d0f7c..8a10c1c 100644
--- a/hosts/fw.cloonar.com/modules/firewall.nix
+++ b/hosts/fw.cloonar.com/modules/firewall.nix
@@ -29,14 +29,21 @@
 "wg_cloonar"
 } counter accept
- # Allow networks to access the dns
+ # Allow networks to access the dns and dhcp
 iifname {
 "lan",
 "server",
 "wg_cloonar",
 "smart",
 "multimedia"
- } udp dport { 53, 67, 68 } tcp dport { 80, 443, 853 } counter accept
+ } udp dport { 53, 67, 68 } counter accept
+ iifname {
+ "lan",
+ "server",
+ "wg_cloonar",
+ "smart",
+ "multimedia"
+ } tcp dport { 80, 443, 853 } counter accept
 # Accept mDNS for avahi reflection
 # iifname "multimedia" ip saddr tcp dport { llmnr } counter accept
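Review bot: The second rule, `tcp dport { 80, 443, 853 }`, accepts from all five interfaces including `smart` and `multimedia`, and it has no comment saying why those segments need ports 80 and 443. The old combined line put a udp and a tcp match in one rule and so, as far as I can tell, could not have matched any packet, which makes this commit the point where these ports actually open. If `smart` and `multimedia` are the less trusted segments their names suggest and only need DNS-over-TLS, give them their own rule with `tcp dport 853` and keep 80 and 443 to `lan`, `server` and `wg_cloonar`, under a comment such as `# Allow DoT and local web services`. Plain DNS over TCP is not covered in the visible lines; adding 53 to the tcp set would let truncated answers retry over TCP. The enclosing chain starts and ends outside the hunk, so reading these as input rules is inferred from the comment.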