diff options
| author | quentin@aristote.fr <quentin@aristote.fr> | 2024-07-27 18:05:03 +0200 |
|---|---|---|
| committer | quentin@aristote.fr <quentin@aristote.fr> | 2024-07-27 18:05:03 +0200 |
| commit | 5688a8b251ee71bf35466d58573c91cb0710a322 (patch) | |
| tree | 9322b4b1a21d95553c66f36497a0ae1d7891a240 /config/networking/services | |
| parent | 29bdd0b1804ea997c76085286e22d430e427a063 (diff) | |
networking: firewall: allow kdeconnect on eth0 <-> wan
Diffstat (limited to 'config/networking/services')
| -rw-r--r-- | config/networking/services/firewall/ruleset.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/config/networking/services/firewall/ruleset.nix b/config/networking/services/firewall/ruleset.nix index 47aa49b..055bc3c 100644 --- a/config/networking/services/firewall/ruleset.nix +++ b/config/networking/services/firewall/ruleset.nix @@ -127,6 +127,8 @@ in { }; iot_wan.rules = rulesCommon.sonos.player-controller; wan_iot.rules = with rulesCommon; sonos.controller-player + ssdp; + wan_eth0.rules = rulesCommon.kdeconnect; + eth0_wan.rules = rulesCommon.kdeconnect; forward = makeBaseChain "filter" "forward" { rules = with rulesCommon; '' @@ -136,10 +138,14 @@ in { + '' meta oifname ${nets.lan.interface} accept meta iifname . meta oifname vmap \ - { ${nets.wan.interface} . ${nets.iot.interface} \ - : goto wan_iot \ - , ${nets.iot.interface} . ${nets.wan.interface} \ - : goto iot_wan } + { ${nets.wan.interface} . ${nets.iot.interface} \ + : goto wan_iot \ + , ${nets.iot.interface} . ${nets.wan.interface} \ + : goto iot_wan \ + , ${nets.wan.interface} . ${nets.eth0.interface} \ + : goto wan_eth0 \ + , ${nets.eth0.interface} . ${nets.wan.interface} \ + : goto eth0_wan } ''; }; }; |