Probably good to exclude the right port from wireguard

This commit is contained in:
Lillian Violet 2024-01-06 16:51:03 +01:00
parent c53a24e77f
commit c727773a14

View file

@ -69,7 +69,7 @@
-m addrtype ! --dst-type LOCAL \ -m addrtype ! --dst-type LOCAL \
-j REJECT -j REJECT
${pkgs.iptables}/bin/iptables -I OUTPUT -o lo -p tcp \ ${pkgs.iptables}/bin/iptables -I OUTPUT -o lo -p tcp \
--dport 8112 -m state --state NEW,ESTABLISHED -j ACCEPT --dport 6969 -m state --state NEW,ESTABLISHED -j ACCEPT
${pkgs.iptables}/bin/iptables -I OUTPUT -s 192.168.100.10/24 -d 192.168.100.11/24 \ ${pkgs.iptables}/bin/iptables -I OUTPUT -s 192.168.100.10/24 -d 192.168.100.11/24 \
-j ACCEPT -j ACCEPT
''; '';