diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2023-04-29 18:24:23 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2023-04-29 18:24:23 -0400 |
| commit | 397acb309c245c52064eb2500c3ee3df2bbfc97f (patch) | |
| tree | 0abadc0716fd8d41d2a0913d8f7b5b8b85e39c12 | |
| parent | 654ef64e5b9e39213cd19610c0eabe2918a2f178 (diff) | |
Dragon cahnges
| -rw-r--r-- | machines/dragon.nix | 5 | ||||
| -rw-r--r-- | modules/router.nix | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/machines/dragon.nix b/machines/dragon.nix index 317d1b6..bc585ec 100644 --- a/machines/dragon.nix +++ b/machines/dragon.nix @@ -54,6 +54,11 @@ in { settings.peer-port = 56732; settings.rpc-bind-address = "0.0.0.0"; settings.rpc-whitelist = "172.20.*.*"; + settings.alt-speed-time-enabled = true; + settings.alt-speed-time-begin = 6 * 60; # 06:00 + settings.alt-speed-time-end = 23 * 60 + 59; # 23:59 + settings.alt-speed-up = 0; + settings.alt-speed-down = 0; }; systemd.services.transmission.serviceConfig.NetworkNamespacePath = "/var/run/netns/vpn"; users.users.transmission.extraGroups = ["readonly"]; diff --git a/modules/router.nix b/modules/router.nix index b73c3e2..08b12e3 100644 --- a/modules/router.nix +++ b/modules/router.nix @@ -214,9 +214,11 @@ let oifname wan-vport counter accept oifname mullvad counter accept + # Transmission ip daddr 172.20.20.2 th dport {9091, 56732} counter accept; oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_WAN_PORTS counter accept oifname lan-vport meta l4proto {tcp, udp} th dport 34197 counter accept + iifname lan-vport oifname vpnlan-vport counter accept iifname lan-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept iifname vpnlan-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept iifname servers-vport counter accept @@ -239,7 +241,7 @@ let chain prerouting { type nat hook prerouting priority -100; policy accept meta nfproto ipv4 iifname wan-vport udp dport 34197 counter dnat to 172.20.100.214 - meta nfproto ipv4 iifname wan-vport tcp dport $SERVER_WAN_PORTS counter dnat to 172.20.20.2 + meta nfproto ipv4 iifname wan-vport meta l4proto {tcp, udp} th dport $SERVER_WAN_PORTS counter dnat to 172.20.20.2 meta nfproto ipv4 iifname mullvad tcp dport 56732 counter dnat to 172.20.20.2 } chain postrouting { |