router: enable ipv6 forwarding in wan netns

2024-07-14 06:41:26 +07:00 · 2024-07-14 06:41:26 +07:00 · a6a9b5be12
parent 2bdbbafbb0
commit a6a9b5be12
2 changed files with 7 additions and 3 deletions
--- a/flake.lock
+++ b/flake.lock
@ -510,11 +510,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1720021052,
-        "narHash": "sha256-tu8IQn8Kj7S0xRg0L2ej7S65FzXqSX7LI7M2pbLdQJU=",
+        "lastModified": 1720913908,
+        "narHash": "sha256-AZ0AcL1ze6gS8EmwRpuR04MXCLb/NDLjp9n+Gs4IhFQ=",
        "owner": "chayleaf",
        "repo": "nixos-router",
-        "rev": "4c132c4c5fc09b3c3317b960ec1533c4a5ebe41f",
+        "rev": "38088dc1745350db709e9f2cf777979b5217f671",
        "type": "github"
      },
      "original": {
--- a/system/hosts/router/default.nix
+++ b/system/hosts/router/default.nix
@ -718,6 +718,10 @@ in {
    ];
  };
  router.networkNamespaces.wan = {
+    sysctl = {
+      "net.ipv4.conf.all.forwarding" = true;
+      "net.ipv6.conf.all.forwarding" = true;
+    };
    # this is the even more boring nftables config
    nftables.jsonRules = let
      wans = [ "wan" ] ++ lib.optional (cfg.vpn.tunnel.mode == "sit") "sittun0";