vidhar: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-15 23:45:54 +0059
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-15 23:45:54 +0059
commit: 4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c (patch)
tree: a20d928e91224b5ba28999fe555884a00ffc6a3f
parent: 0856a288b6fc1ff61c847f20495366a48577ed80 (diff)
download: nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar
nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.gz
nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.bz2
nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.xz
nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.zip
1 files changed, 13 insertions, 12 deletions
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index a13398db..45953d93 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -106,23 +106,24 @@
          ip46tables -A FORWARD -j nixos-fw-forward
-          ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting 2>/dev/null || true
+          ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting-nat 2>/dev/null || true
-          ip46tables -t nat -F nixos-fw-postrouting 2>/dev/null || true
+          ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null || true
-          ip46tables -t nat -X nixos-fw-postrouting 2>/dev/null || true
+          ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null || true
-          ip46tables -t nat -N nixos-fw-postrouting 2>/dev/null || true
+          ip46tables -t nat -N nixos-fw-postrouting-nat 2>/dev/null || true
-          iptables -t nat -A nixos-fw-postrouting -o dsl -j MASQUERADE
+          iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE
-          ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting
+          ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat
-          ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting 2>/dev/null || true
-          ip46tables -t mangle -F nixos-fw-postrouting 2>/dev/null || true
-          ip46tables -t mangle -X nixos-fw-postrouting 2>/dev/null || true
-          ip46tables -t mangle -N nixos-fw-postrouting 2>/dev/null || true
+          ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting-mangle 2>/dev/null || true
-          ip46tables -A nixos-fw-postrouting -t mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+          ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null || true
+          ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null || true
-          ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting
+          ip46tables -t mangle -N nixos-fw-postrouting-mangle 2>/dev/null || true
+          ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+          ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle
        '';
      };
    };
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-15 23:45:54 +0059
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-15 23:45:54 +0059
commit	4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c (patch)
tree	a20d928e91224b5ba28999fe555884a00ffc6a3f
parent	0856a288b6fc1ff61c847f20495366a48577ed80 (diff)
download	nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.gz nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.bz2 nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.tar.xz nixos-4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c.zip

diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index a13398db..45953d93 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix
@@ -106,23 +106,24 @@
106	ip46tables -A FORWARD -j nixos-fw-forward	106	ip46tables -A FORWARD -j nixos-fw-forward
107		107
108		108
109	ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting 2>/dev/null \|\| true	109	ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting-nat 2>/dev/null \|\| true
110	ip46tables -t nat -F nixos-fw-postrouting 2>/dev/null \|\| true	110	ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null \|\| true
111	ip46tables -t nat -X nixos-fw-postrouting 2>/dev/null \|\| true	111	ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null \|\| true
112		112
113	ip46tables -t nat -N nixos-fw-postrouting 2>/dev/null \|\| true	113	ip46tables -t nat -N nixos-fw-postrouting-nat 2>/dev/null \|\| true
114	iptables -t nat -A nixos-fw-postrouting -o dsl -j MASQUERADE	114	iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE
115		115
116	ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting	116	ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat
117		117
118	ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting 2>/dev/null \|\| true
119	ip46tables -t mangle -F nixos-fw-postrouting 2>/dev/null \|\| true
120	ip46tables -t mangle -X nixos-fw-postrouting 2>/dev/null \|\| true
121		118
122	ip46tables -t mangle -N nixos-fw-postrouting 2>/dev/null \|\| true	119	ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting-mangle 2>/dev/null \|\| true
123	ip46tables -A nixos-fw-postrouting -t mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu	120	ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null \|\| true
		121	ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null \|\| true
124		122
125	ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting	123	ip46tables -t mangle -N nixos-fw-postrouting-mangle 2>/dev/null \|\| true
		124	ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
		125
		126	ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle
126	'';	127	'';
127	};	128	};
128	};	129	};