mirror of
https://github.com/Nickiel12/nicks-nix-config.git
synced 2024-11-24 21:55:28 -08:00
Compare commits
No commits in common. "2d9584458851bf94ac897051535680cb7c1b150d" and "97a530c61c2d3bbb6f7f1cd1e551fe752db13810" have entirely different histories.
2d95844588
...
97a530c61c
1 changed files with 6 additions and 4 deletions
|
@ -39,14 +39,16 @@ in
|
||||||
type filter hook prerouting priority raw; policy accept;
|
type filter hook prerouting priority raw; policy accept;
|
||||||
|
|
||||||
# ip daddr 100.64.0.1 dport != 22 nftrace set 1;
|
# ip daddr 100.64.0.1 dport != 22 nftrace set 1;
|
||||||
# iifname "tailscale0" ip daddr != 100.64.0.1 nftrace set 1;
|
iifname "tailscale0" ip daddr != 100.64.0.1 nftrace set 1;
|
||||||
iifname "tailscale0" ip daddr != 100.64.0.0/16 mark set 51820;
|
iifname "tailscale0" ip daddr != 100.64.0.0/16 mark set 51820;
|
||||||
|
iifname "protonvpn" mark set 51820;
|
||||||
|
}
|
||||||
|
chain postrouting {
|
||||||
|
type nat hook postrouting priority srcnat; policy accept;
|
||||||
|
iifname "tailscale0" ip daddr != 100.64.0.1 masquerade;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
${pkgs.wireguard-tools}/bin/wg set protonvpn fwmark off
|
|
||||||
|
|
||||||
# table inet tailscale-wg { for ipv4 + ipv6
|
# table inet tailscale-wg { for ipv4 + ipv6
|
||||||
${pkgs.iproute2}/bin/ip -4 rule del not fwmark 51820 table 51820
|
${pkgs.iproute2}/bin/ip -4 rule del not fwmark 51820 table 51820
|
||||||
# ${pkgs.iproute2}/bin/ip -6 rule del not fwmark 51820 table 51820
|
# ${pkgs.iproute2}/bin/ip -6 rule del not fwmark 51820 table 51820
|
||||||
|
|
Loading…
Reference in a new issue