cilly/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

system/wireguard: also forward udp

Browse source
This commit is contained in:
Cilly Leang 2026-04-10 01:02:28 +10:00
parent 52e53ba5b3
commit 4a91f8a165
Signed by: cilly
GPG key ID: 6500251E087653C9
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/system/wireguard.nix
View file

@ -6,7 +6,7 @@ let
serverIp = gcSecrets.wireguard.gateway;
forwarding = {
# "22727" = [ "10.100.0.3" "7777" ];
"22727" = [ "10.100.0.3" "7777" ];
};
mapForwards = type:
@ -18,6 +18,8 @@ let
in ''
${pkgs.iptables}/bin/iptables -${type} PREROUTING -t nat -i ${serverInterface} -p tcp --dport ${sport} -j DNAT --to ${dest}:${dport}
${pkgs.iptables}/bin/iptables -${type} FORWARD -p tcp -d ${dest} --dport ${dport} -j ACCEPT
${pkgs.iptables}/bin/iptables -${type} PREROUTING -t nat -i ${serverInterface} -p udp --dport ${sport} -j DNAT --to ${dest}:${dport}
${pkgs.iptables}/bin/iptables -${type} FORWARD -p udp -d ${dest} --dport ${dport} -j ACCEPT
'') forwarding
);