harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

sgx: dcap firewall rules

Browse source 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
This commit is contained in:
Harald Hoyer 2024-03-20 13:21:14 +01:00
parent 9f40890b90
commit ab7be188fc
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
systems/x86_64-linux/sgx-nixos/default.nix
View file

@ -4,6 +4,12 @@ with lib.metacfg;
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
boot.kernel.sysctl."net.ipv4.conf.all.route_localnet" = 1;
networking.firewall.extraCommands = ''
iptables -t nat -A OUTPUT -o lo -p tcp --dport 8081 -j DNAT --to-destination 192.168.122.1:8081
iptables -t nat -A POSTROUTING -j MASQUERADE
'';
metacfg = { metacfg = {
base.enable = true; base.enable = true;
nix-ld.enable = true; nix-ld.enable = true;