Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix gitea

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-12-04 12:50:22 +01:00
parent c314da240e
commit f619b5536b
2 changed files with 5 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/fw.cloonar.com/modules/firewall.nix
View File

@@ -175,8 +175,6 @@
# multimedia airplay
iifname "multimedia" oifname { "lan" } counter accept
# iifname { "vb-*" } oifname { "server" } counter accept comment "from internal interfaces"
# lan and vpn to any
# TODO: disable wan when finished
iifname { "wan", "lan", "server", "vb-*", "podman0", "wg_cloonar" } oifname { "lan", "vb-*", "server", "podman0", "infrastructure", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
@@ -203,15 +201,10 @@
type nat hook prerouting priority filter; policy accept;
}
chain post {
# iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces"
}
# Setup NAT masquerading on external interfaces
chain postrouting {
type nat hook postrouting priority filter; policy accept;
oifname { "wan", "wrwks", "wg_epicenter", "wg_ghetto_at" } masquerade
# iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces"
}
}
'';