voronind/nix
0
0
Fork 0
Code Issues8 Pull requests Packages Projects Releases Wiki Activity

Home: Enable v4 masq for vpn clients.

Browse source
This commit is contained in:
Dmitry Voronin 2025-01-27 20:41:23 +03:00
parent f53ed95207
commit 99649e19cc
1 changed files with 3 additions and 3 deletions

6
host/x86_64-linux/home/Network.nix
View file

@ -144,8 +144,8 @@ in
firewall = { firewall = {
enable = true; enable = true;
extraCommands = '' extraCommands = ''
# Wan access for 10.0.0.0/24 subnet. # Wan access for 10.0.0.0/8 subnet.
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 0/0 -o ${wan} -j MASQUERADE iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 0/0 -o ${wan} -j MASQUERADE
# Full access from Lan. # Full access from Lan.
ip46tables -I INPUT -j ACCEPT -i ${lan} ip46tables -I INPUT -j ACCEPT -i ${lan}
@ -165,7 +165,7 @@ in
ip46tables -I INPUT -j ACCEPT -i ${wan} -p udp --dport 51413 ip46tables -I INPUT -j ACCEPT -i ${wan} -p udp --dport 51413
# Terraria server. # Terraria server.
ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22777 # ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22777
# Mumble. # Mumble.
ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22666 ip46tables -I INPUT -j ACCEPT -i ${wan} -p tcp --dport 22666