Block IP4 traffic from and to guest network

2021-08-01 14:50:31 +02:00 · 2021-08-01 14:50:31 +02:00 · 222d538de6
parent 008a51702a
commit 222d538de6
1 changed files with 7 additions and 0 deletions
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@ -115,6 +115,13 @@

  networking.firewall.allowedUDPPorts = [ 60001 ];

+  networking.firewwall.extraCommands = [
+    "iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT"
+    "iptables -A FORWARD -i enp1s0.202 -j DROP"
+    "iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT"
+    "iptables -A FORWARD -o enp1s0.202 -j DROP"
+  ];
+
  # Routing tables
  # Table: 10000
  # - primary routes