Compare commits
2 Commits
c46c178fa9
...
323d4a4e48
Author | SHA1 | Date |
---|---|---|
coolneng | 323d4a4e48 | |
coolneng | 7a5372f030 |
|
@ -38,11 +38,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1666282307,
|
"lastModified": 1666377499,
|
||||||
"narHash": "sha256-O1T2HGLARLKDLfdOmjPBfn3eC4cSIaQD71wUN4I/6/s=",
|
"narHash": "sha256-dZZCGvWcxc7oGnUgFVf0UeNHsJ4VhkTM0v5JRe8EwR8=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b7d8c687782c8f9a1d425a7e486eb989654f6468",
|
"rev": "301aada7a64812853f2e2634a530ef5d34505048",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let wireguard_port = "51902";
|
let wireguard_port = "1194";
|
||||||
|
|
||||||
in {
|
in {
|
||||||
# Set hostname, hostid and enable WiFi
|
# Set hostname, hostid and enable WiFi
|
||||||
|
@ -103,12 +103,12 @@ in {
|
||||||
];
|
];
|
||||||
# Allow wireguard traffic
|
# Allow wireguard traffic
|
||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN
|
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN
|
||||||
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN
|
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN
|
||||||
'';
|
'';
|
||||||
extraStopCommands = ''
|
extraStopCommands = ''
|
||||||
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true
|
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport ${wireguard_port} -j RETURN || true
|
||||||
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
|
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue