diff --git a/nixos/hosts/osaka-vultr-01/xinetd.nix b/nixos/hosts/osaka-vultr-01/xinetd.nix
index b3936ba5..38c4b060 100644
--- a/nixos/hosts/osaka-vultr-01/xinetd.nix
+++ b/nixos/hosts/osaka-vultr-01/xinetd.nix
@@ -22,11 +22,12 @@
 ];
 networking.firewall.extraCommands = ''
- iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 80 -j DNAT --to-destination 10.100.0.2:80
- iptables -A FORWARD -p tcp -d 10.100.0.2 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-
- iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 443 -j DNAT --to-destination 10.100.0.2:443
- iptables -A FORWARD -p tcp -d 10.100.0.2 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
+ ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 64.176.54.57:80
+ ${pkgs.iptables}/bin/iptables -t nat -A OUTPUT -d 10.100.0.2 -p tcp --dport 80 -j DNAT --to 64.176.54.57:80
+ ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to 64.176.54.57:443
+ ${pkgs.iptables}/bin/iptables -t nat -A OUTPUT -d 10.100.0.2 -p tcp --dport 443 -j DNAT --to 64.176.54.57:443
+ ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -i eth0 -p udp --dport 10000 -j DNAT --to 64.176.54.57:10000
+ ${pkgs.iptables}/bin/iptables -t nat -A OUTPUT -d 10.100.0.2 -p udp --dport 10000 -j DNAT --to 64.176.54.57:10000
 '';
 services.xinetd = {
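Review bot: The six `-A` rules added to `networking.firewall.extraCommands` are not idempotent and have no matching cleanup, so each firewall reload is likely to append another copy to the nat `PREROUTING` and `OUTPUT` chains, and the `ppp0` DNAT and `FORWARD` rules this commit removes may stay loaded until they are flushed or the host reboots. Delete each rule before adding it, e.g. `${pkgs.iptables}/bin/iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 64.176.54.57:80 2>/dev/null || true`, and mirror the deletes in `networking.firewall.extraStopCommands`; whether that option is already set elsewhere in the file is not visible from this hunk. The new rules also drop the explicit `FORWARD` accepts and newly redirect UDP 10000 from any source on `eth0`, so a comment above the block should say where 64.176.54.57 lives and which filter rule is expected to admit the translated traffic.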