nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-01 15:11:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #32258 from ryantrinkle/add-nat-extraCommands

Browse Source 
nat: add extraCommands option
This commit is contained in:
Ryan Trinkle 2018-01-02 14:32:42 -05:00 committed by GitHub
commit f1a6fa6eec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
nixos/modules/services/networking/nat.nix
View File

@ -19,6 +19,8 @@ let
iptables -w -t nat -D POSTROUTING -j nixos-nat-post 2>/dev/null || true
iptables -w -t nat -F nixos-nat-post 2>/dev/null || true
iptables -w -t nat -X nixos-nat-post 2>/dev/null || true
${cfg.extraStopCommands}
'';
setupNat = ''
@ -59,6 +61,8 @@ let
--to-destination ${cfg.dmzHost}
''}
${cfg.extraCommands}
# Append our chains to the nat tables
iptables -w -t nat -A PREROUTING -j nixos-nat-pre
iptables -w -t nat -A POSTROUTING -j nixos-nat-post
@ -170,6 +174,28 @@ in
'';
};
networking.nat.extraCommands = mkOption {
type = types.lines;
default = "";
example = "iptables -A INPUT -p icmp -j ACCEPT";
description =
''
Additional shell commands executed as part of the nat
initialisation script.
'';
};
networking.nat.extraStopCommands = mkOption {
type = types.lines;
default = "";
example = "iptables -D INPUT -p icmp -j ACCEPT || true";
description =
''
Additional shell commands executed as part of the nat
teardown script.
'';
};
};