diff options
author | lassulus <lassulus@lassul.us> | 2023-01-02 18:48:12 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2023-01-02 18:48:12 +0100 |
commit | a38c39424f29bbdfe1493061da05326f9d05d4a0 (patch) | |
tree | 02eff327716835e4ac13c32cbcda698647f859a5 /lass/3modules/sync-containers3.nix | |
parent | 7bbcac3e5ee3ad65762e54d85a1786d077cca699 (diff) |
l sync-containers3: allow ctr0 in FORWARD
Diffstat (limited to 'lass/3modules/sync-containers3.nix')
-rw-r--r-- | lass/3modules/sync-containers3.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lass/3modules/sync-containers3.nix b/lass/3modules/sync-containers3.nix index 053175565..02ba0a5ff 100644 --- a/lass/3modules/sync-containers3.nix +++ b/lass/3modules/sync-containers3.nix @@ -296,6 +296,10 @@ in { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i ctr0"; target = "ACCEPT"; } ]; + krebs.iptables.tables.filter.FORWARD.rules = [ + { predicate = "-i ctr0"; target = "ACCEPT"; } + { predicate = "-o ctr0"; target = "ACCEPT"; } + ]; }) (lib.mkIf cfg.inContainer.enable { users.groups.container_sync = {}; |