summaryrefslogtreecommitdiffstats
path: root/lass/2configs/container-networking.nix
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs/container-networking.nix')
-rw-r--r--lass/2configs/container-networking.nix4
1 files changed, 2 insertions, 2 deletions
diff --git a/lass/2configs/container-networking.nix b/lass/2configs/container-networking.nix
index f04e4342..0cfe193d 100644
--- a/lass/2configs/container-networking.nix
+++ b/lass/2configs/container-networking.nix
@@ -8,8 +8,8 @@
{ v6 = false; predicate = "-o ve-+"; target = "REJECT --reject-with icmp-port-unreachable"; }
{ v6 = false; predicate = "-i ve-+"; target = "REJECT --reject-with icmp-port-unreachable"; }
];
- krebs.iptables.tables.nat.PREROUTING.rules = [
- { v6 = false; predicate = "-s 10.233.2.0/24"; target = "ACCEPT"; precedence = 1000; }
+ krebs.iptables.tables.nat.PREROUTING.rules = lib.mkBefore [
+ { v6 = false; predicate = "-s 10.233.2.0/24"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.POSTROUTING.rules = [
{ v6 = false; predicate = "-s 10.233.2.0/24 -d 224.0.0.0/24"; target = "RETURN"; }
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 14:45:01 +0000