From ae4de7f03a089131dd98fa05c53f6d359a88206c Mon Sep 17 00:00:00 2001 From: clerie Date: Thu, 15 Aug 2024 19:36:01 +0200 Subject: [PATCH] hosts/carbon: Move net-gastnetz to bridge --- hosts/carbon/net-gastnetz.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/hosts/carbon/net-gastnetz.nix b/hosts/carbon/net-gastnetz.nix index 932c374..9b1d968 100644 --- a/hosts/carbon/net-gastnetz.nix +++ b/hosts/carbon/net-gastnetz.nix @@ -7,16 +7,19 @@ id = 202; interface = "enp1s0"; }; - networking.interfaces."enp1s0.202".ipv6.addresses = [ + networking.bridges."net-gastnetz".interfaces = [ + "enp1s0.202" + ]; + networking.interfaces."net-gastnetz".ipv6.addresses = [ { address = "fd00:3214:9453:4920::1"; prefixLength = 64; } { address = "2001:4cd8:100:1313::1"; prefixLength = 64; } # public IPs for local network ]; - networking.interfaces."enp1s0.202".ipv4.addresses = [ + networking.interfaces."net-gastnetz".ipv4.addresses = [ { address = "192.168.32.1"; prefixLength = 24; } ]; services.radvd.config = '' - interface enp1s0.202 { + interface net-gastnetz { AdvSendAdvert on; prefix 2001:4cd8:100:1313::/64 {}; RDNSS 2620:fe::fe 2620:fe::9 {}; # Quad 9 @@ -26,7 +29,7 @@ services.kea.dhcp4 = { settings = { interfaces-config = { - interfaces = [ "enp1s0.202" ]; + interfaces = [ "net-gastnetz" ]; }; subnet4 = [ # Gastnetz @@ -55,9 +58,9 @@ # net-gastnetz can only access internet clerie.firewall.extraForwardFilterCommands = '' - ip46tables -A forward-filter -i enp1s0.202 -o ppp-dtagdsl -j ACCEPT - ip46tables -A forward-filter -i enp1s0.202 -j DROP - ip46tables -A forward-filter -o enp1s0.202 -j DROP + ip46tables -A forward-filter -i net-gastnetz -o ppp-dtagdsl -j ACCEPT + ip46tables -A forward-filter -i net-gastnetz -j DROP + ip46tables -A forward-filter -o net-gastnetz -j DROP ''; }