From 17c1f5bbfac29c72d5d54f0bc0e8adba3b7abb72 Mon Sep 17 00:00:00 2001
From: iFargle
Date: Sun, 3 Dec 2023 13:11:57 +0900
Subject: [PATCH] Test
---
 nixos/hosts/osaka-vultr-01/xinetd.nix | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/nixos/hosts/osaka-vultr-01/xinetd.nix b/nixos/hosts/osaka-vultr-01/xinetd.nix
index 146ddbe2..b3936ba5 100644
--- a/nixos/hosts/osaka-vultr-01/xinetd.nix
+++ b/nixos/hosts/osaka-vultr-01/xinetd.nix
@@ -20,9 +20,13 @@
 5347 # Jitsi
 5280 # Jitsi
 ];
+
 networking.firewall.extraCommands = ''
- ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.100.0.2:80
- ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -p tcp -d 10.100.0.2 --dport 80 -j SNAT --to-source 10.100.0.1
+ iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 80 -j DNAT --to-destination 10.100.0.2:80
+ iptables -A FORWARD -p tcp -d 10.100.0.2 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+
+ iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 443 -j DNAT --to-destination 10.100.0.2:443
+ iptables -A FORWARD -p tcp -d 10.100.0.2 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
 '';
 
 services.xinetd = {
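Review bot: The four rules in `networking.firewall.extraCommands` are appended with `-A` to the built-in `nat PREROUTING` and `FORWARD` chains, and nothing in the hunk removes them again. As far as I know the NixOS firewall script only tears down its own `nixos-fw` chains on reload, so each reload appends another copy, and the un-scoped port-80 DNAT and the SNAT rule that this commit drops from the config would stay in the running kernel until they are deleted by hand or the host reboots. A matching `networking.firewall.extraStopCommands` with `-D … || true` for each rule keeps the live ruleset equal to the declared one; the sketch below mirrors the rules as written. Separately, the two FORWARD accepts omit the `-i ppp0` match that the DNAT rules carry, so they admit traffic to 10.100.0.2 from any interface, which may be wider than intended. The enclosing module body starts and ends outside the hunk.

```nix
# … unchanged: networking.firewall.extraCommands …
networking.firewall.extraStopCommands = ''
  iptables -t nat -D PREROUTING -p tcp -i ppp0 --dport 80 -j DNAT --to-destination 10.100.0.2:80 || true
  iptables -D FORWARD -p tcp -d 10.100.0.2 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT || true
  iptables -t nat -D PREROUTING -p tcp -i ppp0 --dport 443 -j DNAT --to-destination 10.100.0.2:443 || true
  iptables -D FORWARD -p tcp -d 10.100.0.2 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT || true
'';
```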