Don't blindly trust as211024
All checks were successful
CI / Check, build and cache Nix flake (push) Successful in 20m22s

2023-12-20 22:59:51 +00:00
parent 0fe863844f
commit e760569b3e
4 changed files with 32 additions and 5 deletions


@@ -150,8 +150,14 @@ in
};
firewall = {
trustedInterfaces = [ "as211024" "tailscale0" ];
trustedInterfaces = [ "tailscale0" ];
extraRules = ''
table inet filter {
chain forward {
${lib.my.c.as211024.nftTrust}
oifname as211024 accept
}
}
table inet nat {
chain postrouting {
iifname tailscale0 oifname veth0 snat ip to ${assignments.vultr.ipv4.address}