leonetienne/stormwind-nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

realize l2 bridge utilization in vhosts

Browse Source
This commit is contained in:
RootHost-Stormwind
2026-01-26 21:06:08 +01:00
parent 62307984f5
commit 03a75c33e9
3 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
networking.nix
View File

@@ -9,9 +9,8 @@
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 8123 1883 8883 9001 20 21 50000 50001 50002 50003 50004 50005 22 2222 2223 990 989 445 111 2049 32765 32768 20048 ];
allowedUDPPorts = [ 111 2049 20048 32765 32768 ];
trustedInterfaces = [ "incusbr0" "incusbr2" ];
allowedTCPPorts = [ 53 80 443 8123 1883 8883 9001 20 21 50000 50001 50002 50003 50004 50005 22 2222 2223 990 989 445 111 2049 32765 32768 20048 ];
allowedUDPPorts = [ 53 67 68 111 2049 20048 32765 32768 ];
};
nftables.ruleset = ''
@@ -28,6 +27,12 @@
# allow vm to vm communication
iifname "tap*" oifname "tap*" accept
# allow vm dns
ether saddr 10:66:6a:06:f9:5e udp dport 53 accept
# allow vms on incusbr2 to go into lan
iifname "incusbr2" accept
# allow natted replies
iifname "incusbr2" oifname "incusbr0" tcp dport 8123 ct state new,established accept
iifname "incusbr2" oifname "incusbr0" tcp dport 80 ct state new,established accept
@@ -90,7 +95,6 @@
{ address = "192.168.0.19"; prefixLength = 24; }
];
macAddress = "2c:fd:a1:c1:13:b0";
mtu = 1280;
};
};