From e24190ae082c252378f3368be9091a2b7a2fe40e Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Wed, 11 Jun 2025 08:07:13 +0200
Subject: [PATCH] hosts/dn42-il-gw1: Open firewall for wireguard tunnel ports

---
 hosts/dn42-il-gw1/configuration.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix
index 28ae99d..0cd44a6 100644
--- a/hosts/dn42-il-gw1/configuration.nix
+++ b/hosts/dn42-il-gw1/configuration.nix
@@ -162,6 +162,15 @@
     };
   };
 
+  networking.firewall.allowedUDPPorts = [
+    50565 # wg0565
+    51271 # wg1271
+    51272 # wg1272
+    51280 # wg1280
+    54719 # wg4719
+    51718 # wg1718
+  ];
+
   profiles.clerie.dn42-router = {
     enable = true;
     loopbackIp = "fd56:4902:eca0:1::1";