fixup! 86df020 network: domains: add firewall rules for multidomain a…

…nd v6upstream
Freifunk-Rhein-Neckar · Nov 30, 2020 · f356569 · f356569
1 parent 86df020
commit f356569
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/network/domains.sls b/network/domains.sls
@@ -64,7 +64,7 @@ include:
 
 dom{{ domain_id }}-network-up-cron:
   cron:
-    {%- if not ("roles" in pillar and 'gateway' in pillar.roles and with_fastd) %}
+    {%- if not ("roles" in pillar and 'gateway4' in pillar.roles and with_fastd) %}
     - present
     {%- else %}
     - absent

diff --git a/network/files/nftables-gw-domain.conf.j2 b/network/files/nftables-gw-domain.conf.j2
@@ -35,7 +35,7 @@ table inet mangle {
 
 {%- if "roles" in pillar and 'gateway6' in pillar.roles %}
         # mss = transport mtu - (batman-adv + ether) - ipv6 - tcp
-        ip version 6 iifname "dom{{ domain_id }}-br" oifname "{{ public_interface) }}" meta l4proto tcp tcp flags & (syn|rst) == syn counter tcp option maxseg size set {{ mtu - 32 - 40 - 20 }}
+        ip version 6 iifname "dom{{ domain_id }}-br" oifname "{{ public_interface }}" meta l4proto tcp tcp flags & (syn|rst) == syn counter tcp option maxseg size set {{ mtu - 32 - 40 - 20 }}
         ip version 6 iifname "{{ public_interface }}" oifname "dom{{ domain_id }}-br" meta l4proto tcp tcp flags & (syn|rst) == syn counter tcp option maxseg size set {{ mtu - 32 - 40 - 20 }}
 {%- endif %}
     }