From ed325848ab047b6a98dc0576d40ee36d79e0eb55 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Thu, 31 Dec 2020 22:30:10 +0100
Subject: [PATCH] nodes/home.router: refine forwarding rules for enp1s0.23

---
 nodes/home/router.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/nodes/home/router.py b/nodes/home/router.py
index f71b5fb..b997eaa 100644
--- a/nodes/home/router.py
+++ b/nodes/home/router.py
@@ -64,10 +64,9 @@ nodes['home.router'] = {
         },
         'iptables': {
             'custom_rules': [
-                # This is a router. Allow forwarding traffic for all internal networks.
+                # This is a router. Allow forwarding traffic for internal networks.
                 'iptables_both -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT',
-                'iptables_both -A FORWARD -i enp1s0.23 -o enp1s0.42 -j REJECT',
-                'iptables_both -A FORWARD -i enp1s0.23 -j ACCEPT',
+                'iptables_both -A FORWARD -i enp1s0.23 -o ppp0 -j ACCEPT',
                 'iptables_both -A FORWARD -i enp1s0.42 -j ACCEPT',
 
                 # External port 2022 should be home.nas