Update wireguard port and firewall rules

coolneng 2022-10-23 11:19:13 +02:00
parent 7a5372f030
commit 323d4a4e48
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
1 changed files with 5 additions and 5 deletions


@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let wireguard_port = "51902"; let wireguard_port = "1194";
in { in {
# Set hostname, hostid and enable WiFi # Set hostname, hostid and enable WiFi
@ -103,12 +103,12 @@ in {
]; ];
# Allow wireguard traffic # Allow wireguard traffic
extraCommands = '' extraCommands = ''
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN
''; '';
extraStopCommands = '' extraStopCommands = ''
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
''; '';
}; };
} }
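Review bot: Assuming the second copy on each changed line is the new side, the four rules in `extraCommands` and `extraStopCommands` now call `iptables` instead of `ip46tables`, so only the IPv4 `nixos-fw-rpfilter` chain gets the RETURN exemption and WireGuard packets arriving over IPv6 still face the reverse-path check. If IPv4-only is intended, state it in the comment, e.g. `# Exempt WireGuard UDP from the IPv4 reverse-path filter (rpfilter)`; otherwise keep the helper, as in `ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN`. The rules match on port alone, so any UDP packet with that source or destination port skips the reverse-path check on every interface, which is broader than the tunnel endpoint needs. The enclosing firewall attribute set starts outside the hunk, so the table that holds the chain on the deployed release cannot be confirmed from here.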