From 8bf9f82d92c5ebdf02d8ef30a7a11ee3b889828a Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 9 Oct 2021 11:30:33 +0200
Subject: yggdrasil-wg: ...

---
 modules/yggdrasil-wg/default.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index d0d6e522..d73c7f3f 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -94,14 +94,14 @@ in {
     systemd.services.firewall.path = optionals isRouter [pkgs.procps];
     networking.firewall = mkIf isRouter {
       extraCommands = ''
-        iptables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept
-        iptables -A FORWARD -j nixos-fw-log-refuse
+        ip6tables -A FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept
+        ip46tables -A FORWARD -j nixos-fw-log-refuse
         sysctl net.ipv6.conf.all.forwarding=1
       '';
       extraStopCommands = ''
         sysctl net.ipv6.conf.all.forwarding=0
-        iptables -D FORWARD -j nixos-fw-log-refuse
-        iptables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept
+        ip46tables -D FORWARD -j nixos-fw-log-refuse || true
+        ip6tables -D FORWARD -i yggdrasil -o yggdrasil -j nixos-fw-accept || true
       '';
     };
   };
-- 
cgit v1.2.3