summaryrefslogtreecommitdiff
path: root/modules/router.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/router.nix')
-rw-r--r--modules/router.nix8
1 files changed, 5 insertions, 3 deletions
diff --git a/modules/router.nix b/modules/router.nix
index 9251229..ff893df 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -158,6 +158,7 @@ let
extraConfig = ''
noipv6rs
noipv6
+ nohook resolv.conf
interface wan-vport
dhcp
'';
@@ -210,9 +211,10 @@ let
oifname wan-vport counter accept
oifname mullvad counter accept
- ip daddr 172.20.30.2 th dport 9091 counter accept;
+ ip daddr 172.20.30.2 th dport {9091, 56732} counter accept;
oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_WAN_PORTS counter accept
iifname lan-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept
+ iifname vpn-vport oifname servers-vport meta l4proto {tcp, udp} th dport $SERVER_LAN_PORTS counter accept
iifname servers-vport counter accept
counter drop
@@ -232,8 +234,8 @@ let
table inet nat {
chain prerouting {
type nat hook prerouting priority -100; policy accept
- meta nfproto ipv4 iifname wan-vport tcp dport $SERVER_WAN_PORTS dnat to 172.20.20.2
- meta nfproto ipv4 iifname vpn-vport tcp dport 55324 dnat to 172.20.30.2
+ meta nfproto ipv4 iifname wan-vport tcp dport $SERVER_WAN_PORTS dnat to 172.20.30.2
+ meta nfproto ipv4 iifname mullvad tcp dport 56732 dnat to 172.20.30.2
}
chain postrouting {
type nat hook postrouting priority 100; policy accept
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-30 09:04:40 +0000