zentralwerk/network
zentralwerk
/
network
12
4
Fork 2
Code Issues 4 Pull Requests 1 Releases Wiki Activity

nixos-module/container/upstream: allow smtp from flpk too

This commit is contained in:
Astro 2022-12-18 23:55:03 +01:00
parent 5a3194b23c
commit a1f2e2a1d6
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nix/nixos-module/container/upstream.nix
View File

@ -77,6 +77,7 @@ in
iptables -N fwd_smtp || \
iptables -F fwd_smtp
iptables -A fwd_smtp --source ${config.site.net.serv.subnet4} -j RETURN
iptables -A fwd_smtp --source ${config.site.net.flpk.subnet4} -j RETURN
iptables -A fwd_smtp -j REJECT
iptables -I FORWARD -p tcp --dport 25 -j fwd_smtp
@ -85,7 +86,10 @@ in
${lib.concatMapStrings (subnet6: ''
ip6tables -A fwd_smtp --source ${subnet6} -j RETURN
ip6tables -A fwd_smtp --dest ${subnet6} -j RETURN
'') (builtins.attrValues config.site.net.serv.subnets6)}
'') (builtins.concatMap builtins.attrValues [
config.site.net.serv.subnets6
config.site.net.flpk.subnets6
])}
ip6tables -A fwd_smtp -j REJECT
ip6tables -I FORWARD -p tcp --dport 25 -j fwd_smtp