Probably good to exclude the right port from wireguard
This commit is contained in:
parent
c53a24e77f
commit
c727773a14
|
@ -69,7 +69,7 @@
|
||||||
-m addrtype ! --dst-type LOCAL \
|
-m addrtype ! --dst-type LOCAL \
|
||||||
-j REJECT
|
-j REJECT
|
||||||
${pkgs.iptables}/bin/iptables -I OUTPUT -o lo -p tcp \
|
${pkgs.iptables}/bin/iptables -I OUTPUT -o lo -p tcp \
|
||||||
--dport 8112 -m state --state NEW,ESTABLISHED -j ACCEPT
|
--dport 6969 -m state --state NEW,ESTABLISHED -j ACCEPT
|
||||||
${pkgs.iptables}/bin/iptables -I OUTPUT -s 192.168.100.10/24 -d 192.168.100.11/24 \
|
${pkgs.iptables}/bin/iptables -I OUTPUT -s 192.168.100.10/24 -d 192.168.100.11/24 \
|
||||||
-j ACCEPT
|
-j ACCEPT
|
||||||
'';
|
'';
|
||||||
|
|
Loading…
Reference in a new issue