vidhar: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-15 23:46:21 +0059
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-15 23:46:21 +0059
commit: ff8b8a10f24b77363539b8fb531907c963d98045 (patch)
tree: b3d5bf5acb319bbed9288ffeaad4e12f46c5806a /hosts/vidhar/default.nix
parent: 4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c (diff)
download: nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar
nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.gz
nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.bz2
nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.xz
nixos-ff8b8a10f24b77363539b8fb531907c963d98045.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index 45953d93..495e011d 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -95,7 +95,7 @@
          ip46tables -F nixos-fw-forward 2> /dev/null || true
          ip46tables -X nixos-fw-forward 2> /dev/null || true
-          ip46tables -N nixos-fw-forward 2>/dev/null || true
+          ip46tables -N nixos-fw-forward
          ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT
          ip46tables -A nixos-fw-forward -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
          ip6tables -A nixos-fw-forward -p icmpv6 --icmpv6-type redirect -j nixos-fw-log-refuse
@@ -110,7 +110,7 @@
          ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null || true
          ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null || true
-          ip46tables -t nat -N nixos-fw-postrouting-nat 2>/dev/null || true
+          ip46tables -t nat -N nixos-fw-postrouting-nat
          iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE
          ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat
@@ -120,7 +120,7 @@
          ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null || true
          ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null || true
-          ip46tables -t mangle -N nixos-fw-postrouting-mangle 2>/dev/null || true
+          ip46tables -t mangle -N nixos-fw-postrouting-mangle
          ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
          ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-15 23:46:21 +0059
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-15 23:46:21 +0059
commit	ff8b8a10f24b77363539b8fb531907c963d98045 (patch)
tree	b3d5bf5acb319bbed9288ffeaad4e12f46c5806a /hosts/vidhar/default.nix
parent	4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c (diff)
download	nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.gz nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.bz2 nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.xz nixos-ff8b8a10f24b77363539b8fb531907c963d98045.zip

diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index 45953d93..495e011d 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix
@@ -95,7 +95,7 @@
95	ip46tables -F nixos-fw-forward 2> /dev/null \|\| true	95	ip46tables -F nixos-fw-forward 2> /dev/null \|\| true
96	ip46tables -X nixos-fw-forward 2> /dev/null \|\| true	96	ip46tables -X nixos-fw-forward 2> /dev/null \|\| true
97		97
98	ip46tables -N nixos-fw-forward 2>/dev/null \|\| true	98	ip46tables -N nixos-fw-forward
99	ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT	99	ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT
100	ip46tables -A nixos-fw-forward -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT	100	ip46tables -A nixos-fw-forward -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
101	ip6tables -A nixos-fw-forward -p icmpv6 --icmpv6-type redirect -j nixos-fw-log-refuse	101	ip6tables -A nixos-fw-forward -p icmpv6 --icmpv6-type redirect -j nixos-fw-log-refuse
@@ -110,7 +110,7 @@
110	ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null \|\| true	110	ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null \|\| true
111	ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null \|\| true	111	ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null \|\| true
112		112
113	ip46tables -t nat -N nixos-fw-postrouting-nat 2>/dev/null \|\| true	113	ip46tables -t nat -N nixos-fw-postrouting-nat
114	iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE	114	iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE
115		115
116	ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat	116	ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat
@@ -120,7 +120,7 @@
120	ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null \|\| true	120	ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null \|\| true
121	ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null \|\| true	121	ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null \|\| true
122		122
123	ip46tables -t mangle -N nixos-fw-postrouting-mangle 2>/dev/null \|\| true	123	ip46tables -t mangle -N nixos-fw-postrouting-mangle
124	ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu	124	ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
125		125
126	ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle	126	ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle