From 4c7f35bc75eb247b613b167f9c72f1bfa8888734 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Bourdeauducq?= Date: Mon, 6 May 2024 10:57:33 +0800 Subject: [PATCH] nixbld: allow routing between wifi and LAN --- nixbld-etc-nixos/configuration.nix | 9 --------- 1 file changed, 9 deletions(-) diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index cf284a39..d8630644 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -169,11 +169,6 @@ in { sourcePort = 2204; destination = "192.168.1.204:22"; proto = "tcp"; } ]; extraCommands = '' - iptables -w -N block-lan-from-wifi - iptables -w -A block-lan-from-wifi -i ${netifLan} -o ${netifWifi} -j DROP - iptables -w -A block-lan-from-wifi -i ${netifWifi} -o ${netifLan} -j DROP - iptables -w -A FORWARD -j block-lan-from-wifi - iptables -w -N block-insecure-devices iptables -w -A block-insecure-devices -m mac --mac-source 00:20:0c:6c:ee:ba -j DROP # keysight SA iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:20:c1:5f -j DROP # siglent scope @@ -187,10 +182,6 @@ in iptables -w -A FORWARD -j block-insecure-devices ''; extraStopCommands = '' - iptables -w -D FORWARD -j block-lan-from-wifi 2>/dev/null|| true - iptables -w -F block-lan-from-wifi 2>/dev/null|| true - iptables -w -X block-lan-from-wifi 2>/dev/null|| true - iptables -w -D FORWARD -j block-insecure-devices 2>/dev/null|| true iptables -w -F block-insecure-devices 2>/dev/null|| true iptables -w -X block-insecure-devices 2>/dev/null|| true