Networking: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 46: / Line 46: @@
 <syntaxhighlight lang="nix">
 networking = {
-  nftables = {
-    enable = true;
-    ruleset = ''
-        table ip nat {
-          chain PREROUTING {
-            type nat hook prerouting priority dstnat; policy accept;
-            iifname "ens3" tcp dport 80 dnat to 10.100.0.3:80
-          }
-        }
-    '';
-  };
    firewall = {
      enable = true;
@@ Line 73: / Line 62: @@
      ];
    };
-};
+  # Previous section is equivalent to :
-</syntaxhighlight>
-For IPv6 port forwarding, the example would look like this. Incoming connections on the address <code>2001:db8::</code> and port <code>80</code> will be forwarded to <code>[fe80::1234:5678:9abc:def0]:80</code>.
-<syntaxhighlight lang="nix">
-networking = {
    nftables = {
      enable = true;
      ruleset = ''
-         table ip6 nat {
+         table ip nat {
            chain PREROUTING {
              type nat hook prerouting priority dstnat; policy accept;
-             iifname "ens3" ip6 daddr [2001:db8::] tcp dport 80 dnat to [fe80::1234:5678:9abc:def0]:80
+             iifname "ens3" tcp dport 80 dnat to 10.100.0.3:80
            }
          }
      '';
    };
+};
+</syntaxhighlight>
+For IPv6 port forwarding, the example would look like this. Incoming connections on the address <code>2001:db8::</code> and port <code>80</code> will be forwarded to <code>[fe80::1234:5678:9abc:def0]:80</code>.
+<syntaxhighlight lang="nix">
+networking = {
    firewall = {
      enable = true;
@@ Line 109: / Line 99: @@
        }
      ];
+  };
+  # Previous section is equivalent to :
+  nftables = {
+    enable = true;
+    ruleset = ''
+        table ip6 nat {
+          chain PREROUTING {
+            type nat hook prerouting priority dstnat; policy accept;
+            iifname "ens3" ip6 daddr [2001:db8::] tcp dport 80 dnat to [fe80::1234:5678:9abc:def0]:80
+          }
+        }
+    '';
    };
 };