1
0
nixfiles/configuration/router/default.nix

30 lines
612 B
Nix

{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
wireguard-tools
tcpdump
];
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = true;
"net.ipv6.conf.all.forwarding" = true;
};
networking.firewall.checkReversePath = false;
networking.firewall.allowedTCPPorts = [
# Open Firewall for BGP
179
];
networking.firewall.extraCommands = ''
# Open fireall for OSPF
ip6tables -A INPUT -p ospfigp -j ACCEPT
iptables -A INPUT -p ospfigp -j ACCEPT
# Open firewall for GRE
ip6tables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -p gre -j ACCEPT
'';
}