From ff7006318cd00a9b059927edd10e772c7e854dd2 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Mon, 8 Mar 2021 19:57:51 -0500
Subject: mullvad setup

---
 config/router.nix | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'config')

diff --git a/config/router.nix b/config/router.nix
index 3003c0e..83a2d64 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -2,8 +2,11 @@
 let
   wan-dev = "eno1";
   lan-dev = "eno2";
+  mullvadPort = config.orbekk.mullvad.listenPort;
 in
 {
+  orbekk.mullvad.enable = true;
+
   networking.networkmanager.enable = lib.mkForce false;
 
   networking.nameservers = [ "8.8.8.8" ];
@@ -61,6 +64,7 @@ in
             proto tcp dport ssh ACCEPT;
             proto (tcp udp) dport domain ACCEPT;
             proto tcp dport (http https) ACCEPT;
+            proto udp dport ${mullvadPort} ACCEPT;
           }
 
           interface $DEV_LAN @subchain "lan_services" {
-- 
cgit v1.2.3