From 8d831405c45f40911525d3a33858edc6083da5be Mon Sep 17 00:00:00 2001
From: iFargle <albert@sysctl.io>
Date: Wed, 6 Dec 2023 08:53:36 +0900
Subject: [PATCH] Update firewall

---
 nixos/hosts/framework-server/default.nix | 5 +++++
 nixos/hosts/osaka-linode-01/firewall.nix | 1 -
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix
index 8a2a1a26..15ef06e4 100644
--- a/nixos/hosts/framework-server/default.nix
+++ b/nixos/hosts/framework-server/default.nix
@@ -52,6 +52,11 @@
     "net.ipv4.ip_forward" = true; 
   };
 
+  # Forward mail port 25 to sysctl.io / linode
+  networking.firewall.extraCommands = '' 
+    iptables -t nat -A OUTPUT -p tcp -d 192.168.1.101 --dport 1234 -j DNAT --to-destination 192.168.1.102:4321
+  '';
+
   boot.initrd.services.udev.rules = ''
     # This is used to load the correct kernel module for the Framework USB-C Ethernet Adapter
 
diff --git a/nixos/hosts/osaka-linode-01/firewall.nix b/nixos/hosts/osaka-linode-01/firewall.nix
index 67f09f10..50a2925d 100644
--- a/nixos/hosts/osaka-linode-01/firewall.nix
+++ b/nixos/hosts/osaka-linode-01/firewall.nix
@@ -23,7 +23,6 @@
 
   networking.firewall.extraCommands     = '' 
     iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-    iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 
     # TCP PORTS ##################################################################################################
     # PORT 80