diff --git a/machines/vault01/networking.nix b/machines/vault01/networking.nix
index 54c7de9..71fe3da 100644
--- a/machines/vault01/networking.nix
+++ b/machines/vault01/networking.nix
@@ -190,5 +190,21 @@ in
 };
 };
- networking.firewall.allowedUDPPorts = [ 67 ];
+ networking = {
+ nftables = {
+ enable = true;
+ tables.nat = {
+ family = "ip";
+ content = ''
+ chain postrouting {
+ type nat hook postrouting priority 100;
+ snat ip to 129.199.195.130-129.199.195.158
+ }
+ '';
+ };
+ };
+ firewall.allowedUDPPorts = [ 67 ];
+ };
+
+ boot.kernel.sysctl."net.ipv4.ip_forward" = true;
 }
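Review bot: The `snat` rule in the new `postrouting` chain carries no match at all, so every IPv4 packet leaving vault01 on any interface is rewritten to the 129.199.195.130-158 pool, including traffic the host itself originates and traffic routed back towards internal networks. Scoping it to the uplink and the internal source range would limit the rewrite to the traffic that needs it, e.g. `oifname "<uplink-interface>" ip saddr <internal-prefix> snat ip to 129.199.195.130-129.199.195.158` (both placeholders to be filled in from the part of the file outside this hunk). The last added line also turns on `net.ipv4.ip_forward`, and nothing visible here restricts what gets forwarded. If no forward policy exists elsewhere in the configuration, `networking.firewall.filterForward = true;` with explicit forward rules would keep vault01 from routing arbitrary traffic between its interfaces. The enclosing attribute set begins before the hunk, so interface and firewall definitions there should be checked against this.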