From 9e78164f0946847893fb3d0ace73f41ad7ee06c7 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Sat, 17 Dec 2022 10:50:16 -0500
Subject: Update firewall

---
 config/router.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/config/router.nix b/config/router.nix
index e43259b..d15da89 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -107,11 +107,13 @@ in {
             }) ACCEPT;
           }
 
+          interface ($DEV_LAN $DEV_UNTRUSTED_LAN) {
+            proto (tcp udp) dport 1080 ACCEPT; # socks proxy
+          }
+
           interface ($DEV_LAN $DEV_ADMIN) @subchain "lan_services" {
             proto (tcp udp) dport 5000 ACCEPT; # random debugging
 
-            proto (tcp udp) dport 1080 ACCEPT; # socks proxy
-
             proto (tcp udp) dport postgresql ACCEPT; # internal network only!
 
             proto (tcp udp) dport (ssh domain bootpc bootps ntp) ACCEPT;
-- 
cgit v1.2.3