diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-09 11:30:33 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-09 11:30:33 +0200 |
commit | 8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a (patch) | |
tree | b944403cac6aba328ab6a895bb8c71185e40a212 /modules/yggdrasil-wg | |
parent | cbe13936a152eaab0e421c9dd1d19787e2ed7f16 (diff) | |
download | nixos-8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a.tar nixos-8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a.tar.gz nixos-8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a.tar.bz2 nixos-8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a.tar.xz nixos-8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a.zip |
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r-- | modules/yggdrasil-wg/default.nix | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index d0d6e522..d73c7f3f 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
@@ -94,14 +94,14 @@ in { | |||
94 | systemd.services.firewall.path = optionals isRouter [pkgs.procps]; | 94 | systemd.services.firewall.path = optionals isRouter [pkgs.procps]; |
95 | networking.firewall = mkIf isRouter { | 95 | networking.firewall = mkIf isRouter { |
96 | extraCommands = '' | 96 | extraCommands = '' |
97 | iptables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept | 97 | ip6tables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept |
98 | iptables -A FORWARD -j nixos-fw-log-refuse | 98 | ip46tables -A FORWARD -j nixos-fw-log-refuse |
99 | sysctl net.ipv6.conf.all.forwarding=1 | 99 | sysctl net.ipv6.conf.all.forwarding=1 |
100 | ''; | 100 | ''; |
101 | extraStopCommands = '' | 101 | extraStopCommands = '' |
102 | sysctl net.ipv6.conf.all.forwarding=0 | 102 | sysctl net.ipv6.conf.all.forwarding=0 |
103 | iptables -D FORWARD -j nixos-fw-log-refuse | 103 | ip46tables -D FORWARD -j nixos-fw-log-refuse || true |
104 | iptables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept | 104 | ip6tables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept || true |
105 | ''; | 105 | ''; |
106 | }; | 106 | }; |
107 | }; | 107 | }; |