From c55c0d73678ec640b78e5e4812c368b141460abe Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Thu, 19 Aug 2021 19:03:34 +0200
Subject: [PATCH] Restrict guest network

---
 hosts/carbon/configuration.nix | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index e36b1c3..8391e6c 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -115,12 +115,12 @@
 
   networking.firewall.allowedUDPPorts = [ 60001 ];
 
-  networking.firewwall.extraCommands = [
-    "iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT"
-    "iptables -A FORWARD -i enp1s0.202 -j DROP"
-    "iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT"
-    "iptables -A FORWARD -o enp1s0.202 -j DROP"
-  ];
+  networking.firewall.extraCommands = ''
+    iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT
+    iptables -A FORWARD -i enp1s0.202 -j DROP
+    iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT
+    iptables -A FORWARD -o enp1s0.202 -j DROP
+  '';
 
   # Routing tables
   # Table: 10000