coolneng
/
panacea
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update wireguard port and firewall rules

This commit is contained in:
coolneng 2022-10-23 11:19:13 +02:00
parent 7a5372f030
commit 323d4a4e48
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/networking.nix
View File

@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
let wireguard_port = "51902";
let wireguard_port = "1194";
in {
# Set hostname, hostid and enable WiFi
@ -103,12 +103,12 @@ in {
];
# Allow wireguard traffic
extraCommands = ''
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN
'';
extraStopCommands = ''
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
'';
};
}