peprolinbot/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add wireguard support trough NM and wg-tools

Browse source
This commit is contained in:
Pedro Rey Anca 2024-07-30 16:18:05 +02:00
parent 3fc6414afa
commit 3fe714ff73
2 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
modules/core/network.nix
View file

@ -10,6 +10,23 @@
# { from = 4000; to = 4007; } # { from = 4000; to = 4007; }
# { from = 8000; to = 8010; } # { from = 8000; to = 8010; }
# ]; # ];
### https://nixos.wiki/wiki/WireGuard#Setting_up_WireGuard_with_NetworkManager
# if packets are still dropped, they will show up in dmesg
logReversePathDrops = true;
# wireguard trips rpfilter up
extraCommands = ''
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
ip6tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
iptables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
ip6tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
'';
extraStopCommands = ''
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
ip6tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
ip6tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
'';
}; };
}; };

1
modules/home/packages.nix
View file

@ -42,6 +42,7 @@
yazi # terminal file manager yazi # terminal file manager
yt-dlp yt-dlp
zenity zenity
wireguard-tools
winetricks winetricks
wineWowPackages.wayland wineWowPackages.wayland
wtype wtype