From fa8f317d6fc4361c3fecc00aaa0b75b1cc12590c Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown
Date: Wed, 6 Apr 2022 01:00:55 +0100
Subject: [PATCH] totoro: add firewall rule for Lifx
---
 ops/nixos/totoro/default.nix | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/ops/nixos/totoro/default.nix b/ops/nixos/totoro/default.nix
index ac232ac263..3335322d54 100644
--- a/ops/nixos/totoro/default.nix
+++ b/ops/nixos/totoro/default.nix
@@ -109,6 +109,10 @@ in {
 3702 # samba-wsdd
 ];
 firewall.checkReversePath = false; # breaks Lifx
+ firewall.extraCommands = ''
+ # Allow all inbound UDP from localnet for Lifx purposes...
+ iptables -A nixos-fw -p udp --src 192.168.1.0/24 --dst 192.168.1.40 -j nixos-fw-accept
+ '';
 macvlans.mv-plex = {
 interface = "br-ext";
 };
 interfaces.mv-plex = {
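Review bot: The accept rule added in `firewall.extraCommands` matches on source address alone, and the context line directly above it sets `firewall.checkReversePath = false`, so nothing checks that a packet claiming a 192.168.1.0/24 source actually arrived on the LAN interface. The rule also opens every UDP port on 192.168.1.40 to that range, which is wider than the comment's "for Lifx purposes" suggests. Consider pinning the ingress interface and, if only bulb replies are wanted, the source port, e.g. `iptables -A nixos-fw -i br-ext -p udp --src 192.168.1.0/24 --dst 192.168.1.40 --sport 56700 -j nixos-fw-accept`. Here `br-ext` is inferred from the macvlan context below and 56700 is the Lifx LAN protocol's default port, so confirm both against this host. The enclosing attribute set starts and ends outside the hunk.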