From 68dca1bc664c028345e749c2e0781bb53062ad45 Mon Sep 17 00:00:00 2001
From: iFargle
Date: Wed, 6 Dec 2023 16:59:18 +0900
Subject: [PATCH] Update fw rules
---
 nixos/hosts/osaka-linode-01/xinetd.nix | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/nixos/hosts/osaka-linode-01/xinetd.nix b/nixos/hosts/osaka-linode-01/xinetd.nix
index ddc7bcae..bacbf011 100644
--- a/nixos/hosts/osaka-linode-01/xinetd.nix
+++ b/nixos/hosts/osaka-linode-01/xinetd.nix
@@ -21,13 +21,10 @@
 5280 # Jitsi
 ];
 networking.firewall.extraCommands = ''
- ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -d 172.234.84.222 -j DNAT --to-destination 10.100.0.2
- ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.2 -j SNAT --to-source 172.234.84.222
- '';
-
- networking.firewall.extraCommands = ''
+ iptables -t nat -A PREROUTING -d 172.234.84.222 -j DNAT --to-destination 10.100.0.2
+ iptables -t nat -A POSTROUTING -s 10.100.0.2 -j SNAT --to-source 172.234.84.222
 iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-
+
 # PORT 10000
 iptables -t nat -A PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2
 iptables -t nat -A POSTROUTING -p udp --dport 10000 -j MASQUERADE
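Review bot: The first added rule, `iptables -t nat -A PREROUTING -d 172.234.84.222 -j DNAT --to-destination 10.100.0.2`, has no `-p` or `--dport` match, so it rewrites every packet addressed to the public IP to 10.100.0.2 and makes the per-port rules that follow (the UDP 10000 pair) redundant. DNATed traffic is evaluated in FORWARD, not INPUT, so the port list that ends just above (presumably the firewall's allowed ports) does not restrict it; unless a FORWARD drop rule or policy exists outside this hunk, the backend is reachable on all of its ports. If only the listed services are meant to be exposed, drop the blanket DNAT/SNAT pair or narrow it, and add a comment such as `# 1:1 NAT: exposes ALL ports of 10.100.0.2` if the full mapping is intentional. These are also `-A` appends inside `extraCommands`, which continues past the end of the hunk, so they will accumulate on each firewall reload unless matching `-D` lines exist in `networking.firewall.extraStopCommands`, which is not visible here.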