xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

re-add snat wg serv fw rules

Browse source
This commit is contained in:
xunuwu 2025-06-08 14:23:43 +02:00
parent 3e56f5ffe3
commit 6ca1b26e84
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/rackserv/profiles/wireguard-server.nix
View file

@ -38,6 +38,7 @@
x.protocols x.protocols
|> map (protocol: '' |> map (protocol: ''
iptables -t nat -A PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp} iptables -t nat -A PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp}
iptables -t nat -A POSTROUTING -p ${protocol} -d ${x.destinationIp} --dport ${toString x.port} -j SNAT --to-source 172.245.52.19
'')) ''))
|> b.concatLists |> b.concatLists
|> b.concatStringsSep "\n"; |> b.concatStringsSep "\n";
@ -48,6 +49,7 @@
x.protocols x.protocols
|> map (protocol: '' |> map (protocol: ''
iptables -t nat -D PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp} || true iptables -t nat -D PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp} || true
iptables -t nat -D POSTROUTING -p ${protocol} -d ${x.destinationIp} --dport ${toString x.port} -j SNAT --to-source 172.245.52.19
'')) ''))
|> b.concatLists |> b.concatLists
|> b.concatStringsSep "\n"; |> b.concatStringsSep "\n";