leonetienne/stormwind-nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

networking rulez

Browse Source
This commit is contained in:
RootHost-Stormwind
2025-07-02 08:37:50 +02:00
parent da0535eb09
commit fd22ef10cc
2 changed files with 26 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
networking.nix
View File

@@ -11,31 +11,32 @@
table ip nat { table ip nat {
chain PREROUTING { chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept; type nat hook prerouting priority dstnat; policy accept;
iifname "enp3s0" tcp dport 80 dnat to 10.94.157.2:80 iifname "enp4s0" tcp dport 80 dnat to 10.94.157.2:80
iifname "enp3s0" tcp dport 443 dnat to 10.94.157.2:443 iifname "enp4s0" tcp dport 443 dnat to 10.94.157.2:443
iifname "enp3s0" tcp dport 20 dnat to 10.94.157.2:20 iifname "enp4s0" tcp dport 20 dnat to 10.94.157.2:20
iifname "enp3s0" tcp dport 21 dnat to 10.94.157.2:21 iifname "enp4s0" tcp dport 21 dnat to 10.94.157.2:21
iifname "enp3s0" tcp dport 22 dnat to 10.94.157.2:22 iifname "enp4s0" tcp dport 22 dnat to 10.94.157.2:22
iifname "enp3s0" tcp dport 990 dnat to 10.94.157.2:990 iifname "enp4s0" tcp dport 2223 dnat to 10.94.157.2:2223
iifname "enp3s0" tcp dport 989 dnat to 10.94.157.2:989 iifname "enp4s0" tcp dport 990 dnat to 10.94.157.2:990
iifname "enp3s0" tcp dport 445 dnat to 10.94.157.2:445 iifname "enp4s0" tcp dport 989 dnat to 10.94.157.2:989
iifname "enp3s0" tcp dport 111 dnat to 10.94.157.2:111 iifname "enp4s0" tcp dport 445 dnat to 10.94.157.2:445
iifname "enp3s0" udp dport 111 dnat to 10.94.157.2:111 iifname "enp4s0" tcp dport 111 dnat to 10.94.157.2:111
iifname "enp3s0" tcp dport 2049 dnat to 10.94.157.2:2049 iifname "enp4s0" udp dport 111 dnat to 10.94.157.2:111
iifname "enp3s0" udp dport 2049 dnat to 10.94.157.2:2049 iifname "enp4s0" tcp dport 2049 dnat to 10.94.157.2:2049
iifname "enp3s0" tcp dport 32765 dnat to 10.94.157.2:32765 iifname "enp4s0" udp dport 2049 dnat to 10.94.157.2:2049
iifname "enp3s0" udp dport 32765 dnat to 10.94.157.2:32765 iifname "enp4s0" tcp dport 32765 dnat to 10.94.157.2:32765
iifname "enp3s0" tcp dport 32768 dnat to 10.94.157.2:32768 iifname "enp4s0" udp dport 32765 dnat to 10.94.157.2:32765
iifname "enp3s0" udp dport 32768 dnat to 10.94.157.2:32768 iifname "enp4s0" tcp dport 32768 dnat to 10.94.157.2:32768
iifname "enp3s0" tcp dport 20048 dnat to 10.94.157.2:20048 iifname "enp4s0" udp dport 32768 dnat to 10.94.157.2:32768
iifname "enp3s0" udp dport 20048 dnat to 10.94.157.2:20048 iifname "enp4s0" tcp dport 20048 dnat to 10.94.157.2:20048
iifname "enp4s0" udp dport 20048 dnat to 10.94.157.2:20048
} }
} }
''; '';
}; };
firewall = { firewall = {
allowedTCPPorts = [ 80 443 20 21 22 990 989 445 111 2049 32765 32768 20048 ]; allowedTCPPorts = [ 80 443 20 21 22 2223 990 989 445 111 2049 32765 32768 20048 ];
allowedUDPPorts = [ 111 2049 20048 32765 32768 ]; allowedUDPPorts = [ 111 2049 20048 32765 32768 ];
}; };
@@ -70,6 +71,11 @@
proto = "tcp"; proto = "tcp";
destination = "10.94.157.2:22"; destination = "10.94.157.2:22";
} }
{
sourcePort = 2223;
proto = "tcp";
destination = "10.94.157.2:2223";
}
{ {
sourcePort = 990; sourcePort = 990;
proto = "tcp"; proto = "tcp";

2
user/stormwind/master.nix
View File

@@ -34,8 +34,8 @@
packages = with pkgs; []; packages = with pkgs; [];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN813v9B9Af6u3lvoPkcMzbh3/3gwRNLi58HCOjVLE0N''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsZZ1qSy+cu1QMlPoZZ2ovv8G+4OIyI07/di68F7NtZ leon macbook'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsZZ1qSy+cu1QMlPoZZ2ovv8G+4OIyI07/di68F7NtZ leon macbook''
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtoTBVNYtsmDLM6vB2PjWIsJ+8gzzTe+j/uFT6usF/rudJN7SU9iSvoQkJhximjcK7ZWbRKJyX84aOv4b/S5ZD5vduxkb+oJlp2dGUagNYkhVTTRhkfgVKmTceD2jlauAIELlCQEm1Y3REEGZHkatc6Hy8yHtqYLixClF3fvO8NAE9NyC7ntgiKkFNhC7UjmCVAA0T97mYAvd5Q7kAeBzcU6Hcz7WsASwHoTxwUcTdqMjZXghxPgN8R+4zNr5P9PYNI2i+F2OzFxqr7Ipg9QbTSgDU+wtTWEvwxeUmZMJTf4xmjF/WmU9NxP61bbtC8U1k31hOqbKXar//oACa/XKLtaqyWiN/iEwWeiGD2WcJizRq+y8Y6mfgXHbogB7Ro7/vSlSkccSs+Ibeu4u8/wjVWQTu7cO3ZG/R4HYsW/tFLdMCzeYWFim19m3EuGpZfKFv7fzlG4Xm9XZFjpROEZPGdYPN0gI4zzVe1Xh/y5oxM1/gQwolRSnT8sFrQpv0x04dZbmV8ub+AygGNfXN8UlYkBjEZVKRzDwbSCvIikNh18V7cvTlD1wCludIwL6XCGWiOuGBE797qkr3Wy+wS5yDp+9CQeqWnqz6k6A4j6oBKZzwxfhMBauZCBnAcI5K9BwxzAG24EgpdjJ9vk7kOq41qdxj5esiC58nFdZB0MaE6Q== leon-macbook-key''
]; ];
}; };