From b3b4d95033e5f3f94179dc5fcf013e0039fc3a42 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Thu, 5 Aug 2021 10:12:42 -0400
Subject: fixes

---
 config/router.nix | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'config')

diff --git a/config/router.nix b/config/router.nix
index 7244882..26be594 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -67,7 +67,7 @@ in {
       @def $DEV_LAN = (${lan-dev}.100);
       @def $DEV_ADMIN = (${lan-dev}.255);
       @def $DEV_WAN = (${wan-dev} he0 mullvad nycmesh);
-      @def $NET_LAN = (10.0.0.0/8 172.20.0.0/16);
+      @def $NET_LAN = (172.20.0.0/16);
 
       # Forward dns queries to dnsmasq on LAN interfaces.
       domain (ip ip6) table nat chain PREROUTING {
@@ -152,13 +152,16 @@ in {
       domain ip table nat {
         chain POSTROUTING {
           saddr $NET_LAN outerface $DEV_WAN MASQUERADE;
-          # saddr $NET_LAN daddr 172.20.30.1 MASQUERADE;
         }
       }
 
       domain (ip ip6) table mangle {
         chain PREROUTING {
           interface ${lan-dev}.30 MARK set-mark ${toString mullvadMark};
+        }
+      }
+      domain ip table mangle {
+        chain PREROUTING {
           interface ${lan-dev}.32 MARK set-mark ${toString nycmeshMark};
         }
       }
@@ -250,6 +253,7 @@ in {
       dhcp-option=net:vlan100,option:dns-server,172.20.100.1
 
       dhcp-range=vlan32,172.20.32.50,172.20.32.254,5m
+      dhcp-range=vlan32,::100,::500,constructor:bond0.32,slaac
       dhcp-option=net:vlan32,option:router,172.20.32.1
       dhcp-option=net:vlan32,option:dns-server,172.20.32.1
 
@@ -352,6 +356,10 @@ in {
       address = "172.20.32.1";
       prefixLength = 23;
     }];
+    ipv6.addresses = [{
+      address = "2001:470:8e2e:32::1";
+      prefixLength = 64;
+    }];
     useDHCP = false;
   };
 }
-- 
cgit v1.2.3