xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

disable changing the source ip for incoming wireguard

Browse source
This commit is contained in:
xunuwu 2025-06-05 08:14:16 +02:00
parent 2fea088019
commit b750ba0711
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
1 changed files with 0 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
sys/machines/rackserv/wireguard-server.nix
View file

@ -38,7 +38,6 @@
x.protocols
|> map (protocol: ''
iptables -t nat -A PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp}
iptables -t nat -A POSTROUTING -p ${protocol} -d ${x.destinationIp} --dport ${toString x.port} -j SNAT --to-source 172.245.52.19
''))
|> b.concatLists
|> b.concatStringsSep "\n";
@ -49,7 +48,6 @@
x.protocols
|> map (protocol: ''
iptables -t nat -D PREROUTING -p ${protocol} -d ${externalIp} --dport ${toString x.port} -j DNAT --to-destination ${x.destinationIp} || true
iptables -t nat -D POSTROUTING -p ${protocol} -d ${x.destinationIp} --dport ${toString x.port} -j SNAT --to-source 172.245.52.19 || true
''))
|> b.concatLists
|> b.concatStringsSep "\n";