From b23b687dfba85f7131ae4e39040761f4e78fbe53 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Fri, 14 May 2021 18:37:45 +0200
Subject: [PATCH] nixos-module/container/upstream: add proper
 networking.nat.extraStopCommands

---
 nix/nixos-module/container/upstream.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/nix/nixos-module/container/upstream.nix b/nix/nixos-module/container/upstream.nix
index 8461e70..322cb53 100644
--- a/nix/nixos-module/container/upstream.nix
+++ b/nix/nixos-module/container/upstream.nix
@@ -53,7 +53,6 @@ in
     extraCommands =
       builtins.concatStringsSep "\n" (
         map (net: ''
-          ip6tables -t nat -X ${net}_nat || true
           ip6tables -t nat -N ${net}_nat
           ${builtins.concatStringsSep "\n" (
             map (subnet: ''
@@ -69,6 +68,13 @@ in
             -j ${net}_nat
         '') (builtins.attrNames upstreamInterfaces)
       );
+    extraStopCommands =
+      builtins.concatStringsSep "\n" (
+        map (net: ''
+          ip6tables -t nat -F POSTROUTING
+          ip6tables -t nat -X ${net}_nat
+        '') (builtins.attrNames upstreamInterfaces)
+      );
     inherit (hostConf) forwardPorts;
   };
 }