esavkin
/
it-infra
forked from M-Labs/it-infra
1
0
Fork 0
Code Pull Requests Activity

aux: chiron port redirect

This commit is contained in:
Sebastien Bourdeauducq 2022-09-30 17:39:07 +08:00
parent 0c8019516d
commit bc848547fd
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
aux-etc-nixos/configuration.nix
View File

@ -75,6 +75,9 @@ in
no-resolv no-resolv
# Static IPv4s to make port redirections work
dhcp-host=chiron,192.168.14.201
# Google can't do DNS geolocation correctly and slows down websites of everyone using # Google can't do DNS geolocation correctly and slows down websites of everyone using
# their shitty font cloud hosting. In HK, you sometimes get IPs behind the GFW that you # their shitty font cloud hosting. In HK, you sometimes get IPs behind the GFW that you
# cannot reach. # cannot reach.
@ -85,6 +88,9 @@ in
enable = true; enable = true;
externalInterface = netifWan; externalInterface = netifWan;
internalInterfaces = [ netifLan netifWifi ]; internalInterfaces = [ netifLan netifWifi ];
forwardPorts = [
{ sourcePort = 2201; destination = "192.168.14.201:22"; proto = "tcp"; }
];
extraCommands = '' extraCommands = ''
iptables -w -N block-lan-from-wifi iptables -w -N block-lan-from-wifi
iptables -w -A block-lan-from-wifi -i ${netifLan} -o ${netifWifi} -j DROP iptables -w -A block-lan-from-wifi -i ${netifLan} -o ${netifWifi} -j DROP