summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2015-06-16 23:50:01 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2015-06-16 23:50:01 +0200
commitaa66459482694575bf6742074513bc760e644942 (patch)
tree584a34b55027b35a22e839b9dd578a2b74531bc9
parenta59e78126b5da89da5e6b9d785126c9e4ffd9a58 (diff)
downloadnixos-aa66459482694575bf6742074513bc760e644942.tar
nixos-aa66459482694575bf6742074513bc760e644942.tar.gz
nixos-aa66459482694575bf6742074513bc760e644942.tar.bz2
nixos-aa66459482694575bf6742074513bc760e644942.tar.xz
nixos-aa66459482694575bf6742074513bc760e644942.zip
No more bridge, copied NAT setup
-rw-r--r--bragi.nix16
1 files changed, 5 insertions, 11 deletions
diff --git a/bragi.nix b/bragi.nix
index babd43d8..ad68e47e 100644
--- a/bragi.nix
+++ b/bragi.nix
@@ -160,27 +160,20 @@
160 ''; 160 '';
161 161
162 networking.interfaces = { 162 networking.interfaces = {
163 "wired" = { 163 "enp1s0" = {
164 useDHCP = false; 164 useDHCP = false;
165 ipAddress = "10.141.4.1"; 165 ipAddress = "10.141.4.1";
166 prefixLength = 24; 166 prefixLength = 24;
167 }; 167 };
168 }; 168 };
169 169
170 networking.bridges."wired" = {
171 interfaces = [ "enp1s0"
172 "enp2s0"
173 "enp3s0"
174 ];
175 };
176
177 networking.nat = { 170 networking.nat = {
178 enable = true; 171 enable = true;
179 externalIP = "10.141.1.5"; 172 externalIP = "10.141.1.5";
180 externalInterface = "wlp4s0"; 173 externalInterface = "wlp4s0";
181 internalIPs = [ "10.141.4.0/24" 174 internalIPs = [ "10.141.4.0/24"
182 ]; 175 ];
183 internalInterfaces = [ "wired" 176 internalInterfaces = [ "enp1s0"
184 ]; 177 ];
185 }; 178 };
186 179
@@ -193,16 +186,17 @@
193 ]; 186 ];
194 extraCommands = '' 187 extraCommands = ''
195 iptables -t nat -A POSTROUTING -o wlp4s0 -j MASQUERADE 188 iptables -t nat -A POSTROUTING -o wlp4s0 -j MASQUERADE
189 iptables -A FORWARD -i wlp4s0 -o enp1s0 -m state --state RELATED,ESTABLISHED -j ACCPET
190 iptables -A FORWARD -i enp1s0 -o wlp4s0 -j ACCEPT
196 ''; 191 '';
197 }; 192 };
198 193
199 services.dhcpd = { 194 services.dhcpd = {
200 enable = true; 195 enable = true;
201 interfaces = [ "wired" 196 interfaces = [ "enp1s0"
202 ]; 197 ];
203 extraConfig = '' 198 extraConfig = ''
204 option subnet-mask 255.255.255.0; 199 option subnet-mask 255.255.255.0;
205 #option broadcast-address 10.141.1.1;
206 option domain-name-servers 10.141.1.1, 8.8.8.8, 8.8.4.4; 200 option domain-name-servers 10.141.1.1, 8.8.8.8, 8.8.4.4;
207 option domain-name "bragisheimr.yggdrasil"; 201 option domain-name "bragisheimr.yggdrasil";
208 option routers 10.141.4.1; 202 option routers 10.141.4.1;