From a38c39424f29bbdfe1493061da05326f9d05d4a0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Jan 2023 18:48:12 +0100 Subject: [PATCH] l sync-containers3: allow ctr0 in FORWARD --- lass/3modules/sync-containers3.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/3modules/sync-containers3.nix b/lass/3modules/sync-containers3.nix index 053175565..02ba0a5ff 100644 --- a/lass/3modules/sync-containers3.nix +++ b/lass/3modules/sync-containers3.nix @@ -296,6 +296,10 @@ in { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i ctr0"; target = "ACCEPT"; } ]; + krebs.iptables.tables.filter.FORWARD.rules = [ + { predicate = "-i ctr0"; target = "ACCEPT"; } + { predicate = "-o ctr0"; target = "ACCEPT"; } + ]; }) (lib.mkIf cfg.inContainer.enable { users.groups.container_sync = {};