diff options
Diffstat (limited to 'nixos/modules/router.nix')
-rw-r--r-- | nixos/modules/router.nix | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix index ed634b1..3002d9b 100644 --- a/nixos/modules/router.nix +++ b/nixos/modules/router.nix @@ -54,10 +54,9 @@ in { firewall = { logRefusedConnections = false; interfaces = { - "home" = {allowedUDPPorts = [67 68];}; - "guest" = {allowedUDPPorts = [67 68];}; + "home" = {allowedUDPPorts = [53 67 68];}; + "guest" = {allowedUDPPorts = [53 67 68];}; }; - rejectPackets = true; filterForward = true; }; nat = { @@ -119,7 +118,7 @@ in { PoolOffset = cnf.dynIPStart; PoolSize = cnf.dynIPCount; EmitDNS = "yes"; - DNS = "1.1.1.1"; + DNS = "${cnf.lanIP}"; }; dhcpServerStaticLeases = mapAttrsToList (n: v: { @@ -150,7 +149,7 @@ in { PoolOffset = cnf.dynIPStart; PoolSize = cnf.dynIPCount; EmitDNS = "yes"; - DNS = "1.1.1.1"; + DNS = "192.168.1.1"; }; dhcpPrefixDelegationConfig = { UplinkInterface = cnf.wan; @@ -166,6 +165,10 @@ in { enable = true; dnssec = "true"; fallbackDns = ["1.1.1.1" "8.8.8.8"]; + extraConfig = '' + DNSStubListenerExtra=${cnf.lanIP} + DNSStubListenerExtra=192.168.1.1 + ''; }; }; } |