diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-11-15 23:46:21 +0059 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-11-15 23:46:21 +0059 |
commit | ff8b8a10f24b77363539b8fb531907c963d98045 (patch) | |
tree | b3d5bf5acb319bbed9288ffeaad4e12f46c5806a /hosts | |
parent | 4dac5d86e426572618e0b8c6c4fbf7de8d3ac59c (diff) | |
download | nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.gz nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.bz2 nixos-ff8b8a10f24b77363539b8fb531907c963d98045.tar.xz nixos-ff8b8a10f24b77363539b8fb531907c963d98045.zip |
vidhar: ...
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/vidhar/default.nix | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index 45953d93..495e011d 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix | |||
@@ -95,7 +95,7 @@ | |||
95 | ip46tables -F nixos-fw-forward 2> /dev/null || true | 95 | ip46tables -F nixos-fw-forward 2> /dev/null || true |
96 | ip46tables -X nixos-fw-forward 2> /dev/null || true | 96 | ip46tables -X nixos-fw-forward 2> /dev/null || true |
97 | 97 | ||
98 | ip46tables -N nixos-fw-forward 2>/dev/null || true | 98 | ip46tables -N nixos-fw-forward |
99 | ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT | 99 | ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT |
100 | ip46tables -A nixos-fw-forward -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | 100 | ip46tables -A nixos-fw-forward -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT |
101 | ip6tables -A nixos-fw-forward -p icmpv6 --icmpv6-type redirect -j nixos-fw-log-refuse | 101 | ip6tables -A nixos-fw-forward -p icmpv6 --icmpv6-type redirect -j nixos-fw-log-refuse |
@@ -110,7 +110,7 @@ | |||
110 | ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null || true | 110 | ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null || true |
111 | ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null || true | 111 | ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null || true |
112 | 112 | ||
113 | ip46tables -t nat -N nixos-fw-postrouting-nat 2>/dev/null || true | 113 | ip46tables -t nat -N nixos-fw-postrouting-nat |
114 | iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE | 114 | iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE |
115 | 115 | ||
116 | ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat | 116 | ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat |
@@ -120,7 +120,7 @@ | |||
120 | ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null || true | 120 | ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null || true |
121 | ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null || true | 121 | ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null || true |
122 | 122 | ||
123 | ip46tables -t mangle -N nixos-fw-postrouting-mangle 2>/dev/null || true | 123 | ip46tables -t mangle -N nixos-fw-postrouting-mangle |
124 | ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu | 124 | ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu |
125 | 125 | ||
126 | ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle | 126 | ip46tables -t mangle -A POSTROUTING -j nixos-fw-postrouting-mangle |