home

My NixOS systems configurations.

commit 0aa2f675cdd9485cef573b302c56f7969c8cd05d
parent b76e41695f1cb3e02c19429062fbb79eff9273c5
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Fri, 15 Apr 2022 14:14:33 +0200

modules/wireguard: add an additional iptables

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Msystems/modules/profiles/wireguard.server.nix | 1+
1 file changed, 1 insertion(+), 0 deletions(-)

diff --git a/systems/modules/profiles/wireguard.server.nix b/systems/modules/profiles/wireguard.server.nix
@@ -22,6 +22,7 @@ in
 boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
 networking.firewall.extraCommands = ''
 iptables -t nat -A POSTROUTING -s10.100.0.0/24 -j MASQUERADE
+ iptables -A FORWARD -i wg+ -j ACCEPT
 '';
 networking.firewall.allowedUDPPorts = [ 51820 ];
 networking.firewall.trustedInterfaces = [ "wg0" ];
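Review bot: The added `iptables -A FORWARD -i wg+ -j ACCEPT` accepts every packet arriving on any interface whose name starts with `wg`, towards any destination the host can route to, so a VPN peer is not limited to the masqueraded uplink; the wildcard is also wider than `trustedInterfaces`, which names only `wg0`. Consider scoping the rule to the tunnel subnet and the intended egress, e.g. `iptables -A FORWARD -i wg0 -s 10.100.0.0/24 -o <UPLINK_IF> -j ACCEPT` (the interface name is a placeholder), plus a `-m conntrack --ctstate RELATED,ESTABLISHED` accept for return traffic if the FORWARD policy is not already permissive. Because `extraCommands` uses `-A` and no matching `-D` in `networking.firewall.extraStopCommands` is visible here, this rule (like the existing MASQUERADE line) will probably be appended again on every firewall reload. The attribute set continues outside the hunk, so cleanup may be handled elsewhere.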