public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/nat: use nixos-nat-out instead of OUTPUT

Browse Source
This commit is contained in:
volth 2020-01-11 10:35:39 +00:00 committed by Bjørn Forsman
parent 9605addd32
commit 6abba2294d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/networking/nat.nix
View File

@ -68,7 +68,7 @@ let
destinationPorts = if (m == null) then throw "bad ip:ports `${fwd.destination}'" else elemAt m 1; destinationPorts = if (m == null) then throw "bad ip:ports `${fwd.destination}'" else elemAt m 1;
in '' in ''
# Allow connections to ${loopbackip}:${toString fwd.sourcePort} from the host itself # Allow connections to ${loopbackip}:${toString fwd.sourcePort} from the host itself
iptables -w -t nat -A OUTPUT \ iptables -w -t nat -A nixos-nat-out \
-d ${loopbackip} -p ${fwd.proto} \ -d ${loopbackip} -p ${fwd.proto} \
--dport ${builtins.toString fwd.sourcePort} \ --dport ${builtins.toString fwd.sourcePort} \
-j DNAT --to-destination ${fwd.destination} -j DNAT --to-destination ${fwd.destination}