drop fwmark for wireguard

author: Kjetil Orbekk <kj@orbekk.com> 2023-10-07 16:30:56 -0400
committer: Kjetil Orbekk <kj@orbekk.com> 2023-10-07 16:30:56 -0400
commit: 22b9a7ca01eb508dcfdc7493c7c6191afa9bbf58 (patch)
tree: 99a7e7efcd41283c8e17c1c5d82419caf8944904
parent: e34a984b21e4daef9a8dc133e994b1bf4ad55ce6 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/router.nix b/modules/router.nix
index 29de644..d7cc3a0 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -109,8 +109,8 @@ let
         ip -6 rule add fwmark ${toString heMark} table he || true
         ip -6 route replace default dev he0 table he
 
-        ip rule add fwmark ${toString vpnMark} table vpn || true
-        ip -6 rule add fwmark ${toString vpnMark} table vpn || true
+        # ip rule add fwmark ${toString vpnMark} table vpn || true
+        # ip -6 rule add fwmark ${toString vpnMark} table vpn || true
 
         ip rule add fwmark ${toString mullvadMark} table mullvad || true
         ip -6 rule add fwmark ${toString mullvadMark} table mullvad || true
@@ -334,7 +334,7 @@ in {
     age.secrets.dragon-wireguard-key.file = ./.
         + "/../secrets/dragon-wireguard-key.age";
     networking.wireguard.interfaces.wg-vpn = {
-      fwMark = "${toString vpnMark}";
+      # fwMark = "${toString vpnMark}";
       socketNamespace = "router";
       interfaceNamespace = "router";
       ips = [ "${vpnPrefix}::1/128" ];
author	Kjetil Orbekk <kj@orbekk.com>	2023-10-07 16:30:56 -0400
committer	Kjetil Orbekk <kj@orbekk.com>	2023-10-07 16:30:56 -0400
commit	22b9a7ca01eb508dcfdc7493c7c6191afa9bbf58 (patch)
tree	99a7e7efcd41283c8e17c1c5d82419caf8944904
parent	e34a984b21e4daef9a8dc133e994b1bf4ad55ce6 (diff)