working tailscale<->protonvpn configuration

Nickiel12 2024-01-06 21:00:13 -08:00
parent 97a530c61c
commit fa2e3f38be


@ -39,16 +39,19 @@ in
type filter hook prerouting priority raw; policy accept; type filter hook prerouting priority raw; policy accept;
# ip daddr 100.64.0.1 dport != 22 nftrace set 1; # ip daddr 100.64.0.1 dport != 22 nftrace set 1;
iifname "tailscale0" ip daddr != 100.64.0.1 nftrace set 1; # iifname "tailscale0" ip daddr != 100.64.0.1 nftrace set 1;
iifname "tailscale0" ip daddr != 100.64.0.0/16 mark set 51820; iifname "tailscale0" ip daddr != 100.64.0.0/16 mark set 51820;
iifname "protonvpn" mark set 51820;
} }
chain postrouting { chain postrouting {
type nat hook postrouting priority srcnat; policy accept; type nat hook postrouting priority srcnat; policy accept;
iifname "tailscale0" ip daddr != 100.64.0.1 masquerade; iifname "tailscale0" oifname "protonvpn" ip daddr != 100.64.0.1 masquerade;
} }
} }
EOF EOF
${pkgs.wireguard-tools}/bin/wg set protonvpn fwmark off
# ${pkgs.iproute2}/bin/ip route add default via 10.2.0.2 dev tailscale0 table 51820
# table inet tailscale-wg { for ipv4 + ipv6 # table inet tailscale-wg { for ipv4 + ipv6
${pkgs.iproute2}/bin/ip -4 rule del not fwmark 51820 table 51820 ${pkgs.iproute2}/bin/ip -4 rule del not fwmark 51820 table 51820
# ${pkgs.iproute2}/bin/ip -6 rule del not fwmark 51820 table 51820 # ${pkgs.iproute2}/bin/ip -6 rule del not fwmark 51820 table 51820