diff --git a/nixos/hosts/osaka-linode-01/firewall.nix b/nixos/hosts/osaka-linode-01/firewall.nix
index 7d2d25f2..50a2925d 100644
--- a/nixos/hosts/osaka-linode-01/firewall.nix
+++ b/nixos/hosts/osaka-linode-01/firewall.nix
@@ -33,29 +33,29 @@
 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 10.100.0.2
 iptables -t nat -A POSTROUTING -p tcp --dport 443 -j MASQUERADE

- # # PORT 25
- # iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 25 -j MASQUERADE
- #
- # # PORT 465
- # iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 465 -j MASQUERADE
- #
- # # PORT 587
- # iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 587 -j MASQUERADE
- #
- # # PORT 143
- # iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 143 -j MASQUERADE
- #
- # # PORT 993
- # iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 993 -j MASQUERADE
- #
- # # PORT 4190
- # iptables -t nat -A PREROUTING -p tcp --dport 4190 -j DNAT --to-destination 10.100.0.2
- # iptables -t nat -A POSTROUTING -p tcp --dport 4190 -j MASQUERADE
+ # PORT 25
+ iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 25 -j MASQUERADE
+
+ # PORT 465
+ iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 465 -j MASQUERADE
+
+ # PORT 587
+ iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 587 -j MASQUERADE
+
+ # PORT 143
+ iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 143 -j MASQUERADE
+
+ # PORT 993
+ iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 993 -j MASQUERADE
+
+ # PORT 4190
+ iptables -t nat -A PREROUTING -p tcp --dport 4190 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -p tcp --dport 4190 -j MASQUERADE

 # PORT 42420
 iptables -t nat -A PREROUTING -p tcp --dport 42420 -j DNAT --to-destination 10.100.0.2
@@ -94,61 +94,4 @@
 iptables -t nat -A PREROUTING -p udp --dport 3478 -j DNAT --to-destination 10.100.0.2
 iptables -t nat -A POSTROUTING -p udp --dport 3478 -j MASQUERADE
 '';
-
-
- services.xinetd = {
- enable = true;
- extraDefaults = ''flags = IPv4'';
- services = [
- {
- name = "mail 25";
- port = 25;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 25";
- }
- {
- name = "mail 465";
- port = 465;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 465";
- }
- {
- name = "mail 587";
- port = 587;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 587";
- }
- {
- name = "mail 143";
- port = 143;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 143";
- }
- {
- name = "mail 993";
- port = 993;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 993";
- }
- {
- name = "mail 4190";
- port = 4190;
- protocol = "tcp";
- unlisted = true;
- server = "/usr/bin/env"; # Placeholder.
- extraConfig = "redirect = 10.100.0.2 4190";
- }
- ];
- };
-
 }
\ No newline at end of file
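Review bot: The re-enabled mail rules in the first hunk match on `--dport` alone, with no interface or address scoping, so the port-25 PREROUTING rule rewrites any TCP/25 packet this host receives on any interface. If 10.100.0.2 routes its own outbound SMTP through this host (not visible in the hunk), those connections would be DNATed back to the mail server instead of reaching the remote MX. The paired POSTROUTING rules MASQUERADE everything with that dport, so the backend sees every client as this gateway's address; relay restrictions, DNSBL/SPF checks and rate limits keyed on client IP must not treat that address as trusted. I would scope both rules, e.g. `iptables -t nat -A PREROUTING -i <public-iface> -p tcp --dport 25 -j DNAT --to-destination 10.100.0.2` and `iptables -t nat -A POSTROUTING -d 10.100.0.2 -p tcp --dport 25 -j MASQUERADE`, where `<public-iface>` is a placeholder for the WAN interface name. The same applies to the 465, 587, 143, 993 and 4190 pairs; the enclosing rule string starts and ends outside this hunk.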