diff options
| -rw-r--r-- | os/kay/modules/router.nix | 24 | 
1 files changed, 20 insertions, 4 deletions
| diff --git a/os/kay/modules/router.nix b/os/kay/modules/router.nix index 0d01465..64c653c 100644 --- a/os/kay/modules/router.nix +++ b/os/kay/modules/router.nix @@ -1,6 +1,10 @@  { ... }: let    wanInterface = "ppp0"; +  gponInterface = "enp3s0"; +  gponHost = "192.168.38.2"; +  gponPrefix = 24; +    lanInterface = "enp8s0f3u1";    subnet = "10.0.0.0";    prefix = 24; @@ -19,10 +23,14 @@ in {        externalInterface = wanInterface;        internalInterfaces = [ lanInterface ];      }; -    interfaces."${lanInterface}" = { -      ipv4.addresses = [{  -        address = host; -        prefixLength  = prefix; +    interfaces = { +      ${lanInterface}.ipv4.addresses = [{ +          address = host; +          prefixLength  = prefix; +      }]; +      ${gponInterface}.ipv4.addresses = [{ +          address = gponHost; +          prefixLength  = gponPrefix;        }];      };      firewall = { @@ -36,6 +44,14 @@ in {          iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN \              -o ${wanInterface} \              -j TCPMSS --clamp-mss-to-pmtu + +        iptables -t nat -I POSTROUTING 1 \ +            -s ${subnet}/${toString prefix} \ +            -o ${gponInterface} \ +            -j MASQUERADE +        iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN \ +            -o ${gponInterface} \ +            -j TCPMSS --clamp-mss-to-pmtu        '';      };    }; | 
