diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2024-01-29 20:27:43 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2024-01-29 21:18:13 +0530 |
| commit | 26dec78b3169960b2daa8d324ef7af47100337e4 (patch) | |
| tree | 8090364b66dc4907a37681d19ce256205baa46cb /hosts/kay/modules | |
| parent | 756549f01053cff8e32bacc1250c8191297a39c1 (diff) | |
kay/network/he: always accept 6in4 tunnels from he remote
Diffstat (limited to 'hosts/kay/modules')
| -rw-r--r-- | hosts/kay/modules/hurricane.nix | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/hosts/kay/modules/hurricane.nix b/hosts/kay/modules/hurricane.nix index b32601c..7988c63 100644 --- a/hosts/kay/modules/hurricane.nix +++ b/hosts/kay/modules/hurricane.nix @@ -24,6 +24,9 @@ in enable = true; rttablesExtraConfig = "200 hurricane"; }; + + firewall.extraCommands = + "iptables -A INPUT --proto 41 --source ${remote} --jump ACCEPT"; }; sops.secrets = { @@ -84,12 +87,6 @@ in done ip tunnel change ${iface} local "$wan_ip" mode sit - - # for unknown reason gateway don't seems to know where to route - # incoming traffic if we do not ping the gateway after ip change - while ! ping -c1 ${gateway}; do - sleep 1 - done ''; }; } |