diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-05-09 00:29:17 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-05-09 00:29:17 +0200 |
| commit | 1e233417104c2f0659cca202c7d06031ba0d9dd6 (patch) | |
| tree | e20d1607c9250965380e5f91eaf4db53b47c4028 | |
| parent | 178107af0ce6df62d36004cdcb3f3a8414f6a6a5 (diff) | |
| download | nixcfg-1e233417104c2f0659cca202c7d06031ba0d9dd6.tar.gz nixcfg-1e233417104c2f0659cca202c7d06031ba0d9dd6.zip | |
Fix firewall rule for IGD
| -rw-r--r-- | nix/deuxfleurs.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index ae472ab..055ac55 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -219,7 +219,7 @@ in # Allow specific hosts access to specific things in the cluster extraCommands = '' # Allow everything from router (usefull for UPnP/IGD) - iptables -A INPUT -s 192.168.1.254 -j ACCEPT + iptables -A INPUT -s ${cfg.lan_default_gateway} -j ACCEPT # Allow docker containers to access all ports iptables -A INPUT -s 172.17.0.0/16 -j ACCEPT @@ -230,7 +230,7 @@ in # When stopping firewall, delete all rules that were configured manually above extraStopCommands = '' - iptables -D INPUT -s 192.168.1.254 -j ACCEPT + iptables -D INPUT -s ${cfg.lan_default_gateway} -j ACCEPT iptables -D INPUT -s 172.17.0.0/16 -j ACCEPT iptables -D INPUT -s ${cfg.wesher_cluster_prefix}/${toString cfg.wesher_cluster_prefix_length} -j ACCEPT ''; |