avahi

author: Kjetil Orbekk <kj@orbekk.com> 2023-12-26 18:53:49 -0500
committer: Kjetil Orbekk <kj@orbekk.com> 2023-12-26 18:53:49 -0500
commit: e4e3ad196af66d5adc2d1a99e06a871804b43f09 (patch)
tree: e59034f1b326e3c27355150c09fccfd57c5e69e9 /modules
parent: 747ba4653e24ad5c33a114b412871c86db9dd693 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/modules/router.nix b/modules/router.nix
index ace0b57..bc4a83f 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -196,6 +196,13 @@ let
       let
         ports-to-csv = ports: concatStringsSep "," (map toString ports);
       in ''
+        define LAN_INTERFACES = {
+          "vpnlan-vport",
+          "lan-vport",
+          "servers-vport",
+          "dragon-vport",
+          "dragonvpn-vport",
+        };
         define SERVER_WAN_PORTS = {
           ssh, domain, http, https,
           ${toString mullvadPort}
@@ -212,8 +219,7 @@ let
 
             ct state {established, related} counter accept
             meta l4proto {tcp, udp} th dport {bootps, bootpc, domain, dhcpv6-client, dhcpv6-server, ${toString vpnPort}} counter accept
-            iifname vpnlan-vport meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
-            iifname lan-vport meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
+            iifname $LAN_INTERFACES meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
 
             ip protocol ipv6 counter accept comment "sit tunnel"
             ip protocol icmp limit rate 4/second counter accept comment "icmp v4"
author	Kjetil Orbekk <kj@orbekk.com>	2023-12-26 18:53:49 -0500
committer	Kjetil Orbekk <kj@orbekk.com>	2023-12-26 18:53:49 -0500
commit	e4e3ad196af66d5adc2d1a99e06a871804b43f09 (patch)
tree	e59034f1b326e3c27355150c09fccfd57c5e69e9 /modules
parent	747ba4653e24ad5c33a114b412871c86db9dd693 (diff)