diff options
| -rw-r--r-- | modules/yggdrasil-wg/default.nix | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index d0d6e522..d73c7f3f 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
| @@ -94,14 +94,14 @@ in { | |||
| 94 | systemd.services.firewall.path = optionals isRouter [pkgs.procps]; | 94 | systemd.services.firewall.path = optionals isRouter [pkgs.procps]; |
| 95 | networking.firewall = mkIf isRouter { | 95 | networking.firewall = mkIf isRouter { |
| 96 | extraCommands = '' | 96 | extraCommands = '' |
| 97 | iptables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept | 97 | ip6tables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept |
| 98 | iptables -A FORWARD -j nixos-fw-log-refuse | 98 | ip46tables -A FORWARD -j nixos-fw-log-refuse |
| 99 | sysctl net.ipv6.conf.all.forwarding=1 | 99 | sysctl net.ipv6.conf.all.forwarding=1 |
| 100 | ''; | 100 | ''; |
| 101 | extraStopCommands = '' | 101 | extraStopCommands = '' |
| 102 | sysctl net.ipv6.conf.all.forwarding=0 | 102 | sysctl net.ipv6.conf.all.forwarding=0 |
| 103 | iptables -D FORWARD -j nixos-fw-log-refuse | 103 | ip46tables -D FORWARD -j nixos-fw-log-refuse || true |
| 104 | iptables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept | 104 | ip6tables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept || true |
| 105 | ''; | 105 | ''; |
| 106 | }; | 106 | }; |
| 107 | }; | 107 | }; |