From b843fd83a9cecd9a12647056d48bc5291e965be8 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 31 Aug 2024 15:24:51 +0200
Subject: nanopi: remove obsolete firewall rules
---
 system/nanopi.nix | 17 -----------------
 1 file changed, 17 deletions(-)
diff --git a/system/nanopi.nix b/system/nanopi.nix
index 1759cf4c..3a95ebfc 100755
--- a/system/nanopi.nix
+++ b/system/nanopi.nix
@@ -146,29 +146,12 @@ in
 ];
 };
 extraForwardRules = ''
- iifname { "wlan0", "lte0" } oifname { "lan1", "lan2", "bridge0" } icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, mld-listener-query, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept
- iifname { "lan1", "lan2", "bridge0" } oifname { "wlan0", "lte0" } accept
 iifname "tailscale0" oifname "bridge0" accept
 iifname "bridge0" oifname "tailscale0" accept
 '';
 };
 nftables = {
 enable = true;
- tables = {
- firewall = {
- family = "inet";
- content = ''
- chain postrouting {
- type nat hook postrouting priority srcnat; policy accept;
- oifname { "wlan0", "lte0" } masquerade
- }
- chain prerouting {
- type nat hook prerouting priority dstnat;
- iifname "wan0" tcp dport { 6922, 51413 } dnat ip to 10.0.0.42
- }
- '';
- };
- };
 };
 wireless = {
 enable = true;
-- 
cgit 1.4.1