From 99649e19cc2b19727b0af29b8d53d18044fe16c0 Mon Sep 17 00:00:00 2001
From: Dmitry Voronin <hi@voronind.com>
Date: Mon, 27 Jan 2025 20:41:23 +0300
Subject: [PATCH] Home: Enable v4 masq for vpn clients.

---
 host/x86_64-linux/home/Network.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/host/x86_64-linux/home/Network.nix b/host/x86_64-linux/home/Network.nix
index 3b1e000..45e7582 100644
--- a/host/x86_64-linux/home/Network.nix
+++ b/host/x86_64-linux/home/Network.nix
@@ -144,8 +144,8 @@ in
     firewall = {
       enable = true;
       extraCommands = ''
-        # Wan access for 10.0.0.0/24 subnet.
-        iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 0/0 -o ${wan} -j MASQUERADE
+        # Wan access for 10.0.0.0/8 subnet.
+        iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 0/0 -o ${wan} -j MASQUERADE
 
         # Full access from Lan.
         ip46tables  -I INPUT -j ACCEPT -i ${lan}
@@ -165,7 +165,7 @@ in
         ip46tables -I INPUT -j ACCEPT -i ${wan} -p udp --dport 51413
 
         # Terraria server.
-        ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22777
+        # ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22777
 
         # Mumble.
         ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22666