{
  config,
  lib,
  pkgs,
  ...
}:
{
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;

  systemd.network = {
    enable = true;
    networks = {
      # "uplink" = {
      #   name = "wlp0s20f3";
      #   DHCP = "ipv4";
      #   networkConfig.IPMasquerade = "ipv4";
      # };
      "10-enp2s0" = {
        name = "enp2s0";
        address = [ "192.168.2.1/24" ];
        networkConfig.DHCPServer = "yes";
        dhcpServerConfig = {
          PoolOffset = 100;
          PoolSize = 100;
        };
      };
    };
  };

  networking = {
    nftables = {
      enable = true;
      tables.nat = {
        family = "ip";
        content = ''
          chain postrouting {
            type nat hook postrouting priority 100;
            ip saddr 192.168.2.0/24 masquerade
          }
        '';
      };
    };
    firewall.allowedUDPPorts = [ 67 ];
  };
}