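# NixOS networking module for host "manatee": static IPv4 on enp3s0 plus a
# source-based policy rule that sends traffic originating from the machine's
# own address through a dedicated routing table.
{ ... }:

let
  # Static address of enp3s0. It is also the source selector of the policy
  # rule, so both are derived from this one value and cannot drift apart.
  hostAddress = "192.168.50.203";

  # LAN router: the default gateway and the next hop of the route in replyTable.
  routerAddress = "192.168.50.1";

  # Routing table consulted for packets sourced from hostAddress.
  replyTable = "100";
in
{
  networking = {
    hostName = "manatee";

    # Required for asymmetric routing (sending replies out a different interface
    # than the default route). Without this, the kernel drops the return traffic.
    #
    # Security note: "loose" relaxes the firewall's reverse-path (anti-spoofing)
    # check. A packet is then dropped only when its source address is not
    # reachable through any interface, instead of being required to arrive on
    # the interface a reply would leave from. Source addresses are therefore a
    # weaker signal on this host; do not rely on them alone for access control.
    firewall.checkReversePath = "loose";

    defaultGateway = routerAddress;
    nameservers = [ "1.1.1.1" ];

    interfaces = {
      enp3s0 = {
        useDHCP = false;

        ipv4 = {
          addresses = [
            {
              address = hostAddress;
              prefixLength = 24;
            }
          ];

          # Default route placed in replyTable rather than the main table; it
          # only takes effect for packets selected by the rule in localCommands.
          routes = [
            {
              address = "0.0.0.0";
              prefixLength = 0;
              via = routerAddress; # Router
              options = {
                table = replyTable;
              };
            }
          ];
        };
      };
    };

    # Route packets from the machine's local IP back to the router.
    localCommands = ''
      # Add the rule only if it doesn't exist yet (idempotent).
      # -F treats the dots in the address literally and -w requires whole-word
      # matches, so a rule for another table such as "lookup 1000" is not
      # mistaken for this one and the rule is never silently skipped.
      ip rule list | grep -qFw "from ${hostAddress} lookup ${replyTable}" || \
        ip rule add from ${hostAddress} lookup ${replyTable} priority 5000
    '';
  };
}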