clerie/nixfiles
1
0
Fork 0
Code

Restrict guest network

Browse Source
This commit is contained in:
clerie 2021-08-19 19:03:34 +02:00
parent 222d538de6
commit c55c0d7367
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
hosts/carbon/configuration.nix
View File

@ -115,12 +115,12 @@
networking.firewall.allowedUDPPorts = [ 60001 ]; networking.firewall.allowedUDPPorts = [ 60001 ];
networking.firewwall.extraCommands = [ networking.firewall.extraCommands = ''
"iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT" iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT
"iptables -A FORWARD -i enp1s0.202 -j DROP" iptables -A FORWARD -i enp1s0.202 -j DROP
"iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT" iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT
"iptables -A FORWARD -o enp1s0.202 -j DROP" iptables -A FORWARD -o enp1s0.202 -j DROP
]; '';
# Routing tables # Routing tables
# Table: 10000 # Table: 10000