From 7368a44d0d74cf6d8561236b41eec3fc15b2abec Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Fri, 1 Dec 2023 16:43:10 +0100
Subject: [PATCH] add podman to firewall

---
 hosts/fw.cloonar.com/modules/firewall.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix
index f03ba91..33b4942 100644
--- a/hosts/fw.cloonar.com/modules/firewall.nix
+++ b/hosts/fw.cloonar.com/modules/firewall.nix
@@ -69,12 +69,13 @@
 
             # lan and vpn to any
             # TODO: disable wan when finished
-            iifname { "wan", "lan", "wg_cloonar" } oifname { "lan", "server", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
+            iifname { "wan", "lan", "wg_cloonar" } oifname { "lan", "server", "podman0", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
 
             # Allow trusted network WAN access
             iifname {
               "lan",
               "server",
+              "podman0",
               "multimedia",
               "smart",
               "wg_cloonar",
@@ -88,6 +89,7 @@
             } oifname {
               "lan",
               "server",
+              "podman0",
               "multimedia",
               "smart",
               "wg_cloonar",