From 7f7175ca9d76ef1f81a671408de44f5c76c8375a Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Fri, 6 Dec 2024 19:52:22 +0100 Subject: [PATCH] add masquerade to iptables to enable ip forwarding --- nixos/hosts/wheatley/configuration.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index b054a2a..3c697b9 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -205,6 +205,11 @@ }; }; + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + + networking.firewall.extraCommands = '' + iptables -t nat -A POSTROUTING -s 10.5.5.1/24 ! -d 10.5.5.1/24 -j MASQUERADE + ''; networking.firewall = { enable = true; allowPing = false;