albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Update fw rules

Browse source
This commit is contained in:
iFargle 2023-12-06 16:59:18 +09:00
parent b69d867ece
commit 68dca1bc66
1 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
nixos/hosts/osaka-linode-01/xinetd.nix
View file

@ -21,13 +21,10 @@
5280 # Jitsi 5280 # Jitsi
]; ];
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -d 172.234.84.222 -j DNAT --to-destination 10.100.0.2 iptables -t nat -A PREROUTING -d 172.234.84.222 -j DNAT --to-destination 10.100.0.2
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.2 -j SNAT --to-source 172.234.84.222 iptables -t nat -A POSTROUTING -s 10.100.0.2 -j SNAT --to-source 172.234.84.222
'';
networking.firewall.extraCommands = ''
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# PORT 10000 # PORT 10000
iptables -t nat -A PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2 iptables -t nat -A PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2
iptables -t nat -A POSTROUTING -p udp --dport 10000 -j MASQUERADE iptables -t nat -A POSTROUTING -p udp --dport 10000 -j MASQUERADE