Prototype DNS support locally

This works when I route from lithium, including with 'dig', but when I try to 'dig @lithium router.home' from helium, for example, it times out. So my thought is that the firewall is blocking, but that doesn't seem to be the problem. So maybe my router is doing something? Hopefully when I migrate this to my APU router this will all just work, but idk.
author: Ben Sima <ben@bsima.me> 2022-08-25 08:56:43 -0400
committer: Ben Sima <ben@bsima.me> 2022-08-25 08:56:43 -0400
commit: e96c147896f12e2f5c171f980b2d2d84407fdb3c (patch)
tree: 01889339c3ef865ef3517b7388b56c049e0de2c0 /Biz/Dev/Networking.nix
parent: 2c7a85de18eb46d8afb449e4784720eb7c284e55 (diff)
1 files changed, 10 insertions, 2 deletions
diff --git a/Biz/Dev/Networking.nix b/Biz/Dev/Networking.nix
index 88ec4fb..721b8bf 100644
--- a/Biz/Dev/Networking.nix
+++ b/Biz/Dev/Networking.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ lib, ... }:
 
 let
   ports = import ../Cloud/Ports.nix;
@@ -34,11 +34,19 @@ in {
         ports.torrents
         ports.httpdev
       ];
-      allowedUDPPorts = [ ports.murmur ports.et ];
+      allowedUDPPorts = [
+        ports.dns
+        ports.et
+        ports.murmur
+      ];
       allowedUDPPortRanges = [
         ports.torrents
       ];
       checkReversePath = false;
+      #extraCommands = lib.mkMerge [ (lib.mkAfter ''
+      #  iptables -w -t filter -A nixos-fw -s 192.168.0.0/24 -p udp --dport 53 -i enp1s0 -j nixos-fw-accept
+      #  iptables -w -t filter -A nixos-fw -s 192.168.0.0/24 -p tcp --dport 53 -i enp1s0 -j nixos-fw-accept
+      #'') ];
     };
 
     # The global useDHCP flag is deprecated, therefore explicitly set to false here.
author	Ben Sima <ben@bsima.me>	2022-08-25 08:56:43 -0400
committer	Ben Sima <ben@bsima.me>	2022-08-25 08:56:43 -0400
commit	e96c147896f12e2f5c171f980b2d2d84407fdb3c (patch)
tree	01889339c3ef865ef3517b7388b56c049e0de2c0 /Biz/Dev/Networking.nix
parent	2c7a85de18eb46d8afb449e4784720eb7c284e55 (diff)