Update firewall

author: Kjetil Orbekk <kj@orbekk.com> 2022-12-17 10:50:16 -0500
committer: Kjetil Orbekk <kj@orbekk.com> 2022-12-17 10:50:16 -0500
commit: 9e78164f0946847893fb3d0ace73f41ad7ee06c7 (patch)
tree: de14ce6f99a857464dca69efe74b4f92505a22ed
parent: c2b9ec957cc231033fde072cc4a4281527b5787e (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/config/router.nix b/config/router.nix
index e43259b..d15da89 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -107,11 +107,13 @@ in {
             }) ACCEPT;
           }
 
+          interface ($DEV_LAN $DEV_UNTRUSTED_LAN) {
+            proto (tcp udp) dport 1080 ACCEPT; # socks proxy
+          }
+
           interface ($DEV_LAN $DEV_ADMIN) @subchain "lan_services" {
             proto (tcp udp) dport 5000 ACCEPT; # random debugging
 
-            proto (tcp udp) dport 1080 ACCEPT; # socks proxy
-
             proto (tcp udp) dport postgresql ACCEPT; # internal network only!
 
             proto (tcp udp) dport (ssh domain bootpc bootps ntp) ACCEPT;
author	Kjetil Orbekk <kj@orbekk.com>	2022-12-17 10:50:16 -0500
committer	Kjetil Orbekk <kj@orbekk.com>	2022-12-17 10:50:16 -0500
commit	9e78164f0946847893fb3d0ace73f41ad7ee06c7 (patch)
tree	de14ce6f99a857464dca69efe74b4f92505a22ed
parent	c2b9ec957cc231033fde072cc4a4281527b5787e (diff)