os/kay/firewall: refactorHEAD master

author: sinanmohd <sinan@sinanmohd.com> 2025-04-23 00:10:48 +0530
committer: sinanmohd <sinan@sinanmohd.com> 2025-04-23 00:10:48 +0530
commit: 7e36e8160d2985ffb90f2198c755208cd598cd75 (patch)
tree: bb197836ff29b2a6e6a7005c8da5d60f9cab5a5b /os/kay/modules/wireguard.nix
parent: fcc33bf3c389dbfce80eafcb1fb5287f1beeebc9 (diff)
1 files changed, 1 insertions, 9 deletions
diff --git a/os/kay/modules/wireguard.nix b/os/kay/modules/wireguard.nix
index 4256dd3..21cec06 100644
--- a/os/kay/modules/wireguard.nix
+++ b/os/kay/modules/wireguard.nix
@@ -52,16 +52,8 @@ in {
       externalInterface = wanInterface;
       internalInterfaces = [ wgInterface ];
     };
-    firewall = {
-      allowedUDPPorts = [ port ];
-      extraCommands = ''
-        iptables -t nat -I POSTROUTING 1 \
-            -s ${subnet}/${toString prefix} \
-            -o ${wanInterface} \
-            -j MASQUERADE
-      '';
-    };
 
+    firewall.allowedUDPPorts = [ port ];
     wg-quick.interfaces.${wgInterface}.configFile = builtins.toString wgConf;
   };
author	sinanmohd <sinan@sinanmohd.com>	2025-04-23 00:10:48 +0530
committer	sinanmohd <sinan@sinanmohd.com>	2025-04-23 00:10:48 +0530
commit	7e36e8160d2985ffb90f2198c755208cd598cd75 (patch)
tree	bb197836ff29b2a6e6a7005c8da5d60f9cab5a5b /os/kay/modules/wireguard.nix
parent	fcc33bf3c389dbfce80eafcb1fb5287f1beeebc9 (diff)