From 1b9572e04d5c8029742a22d70e60e079f3f2ee3c Mon Sep 17 00:00:00 2001
From: zoe <ZoeOosting@outlook.com>
Date: Thu, 8 Dec 2022 12:19:42 +0100
Subject: [PATCH] fix firewall config

---
 configuration.nix | 13 ++-----------
 user.nix          |  1 +
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 81dcea8..37b2e21 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -157,17 +157,8 @@
 
   # wireguard settings
   networking.firewall = {
-    # if packets are still dropped, they will show up in dmesg
-    logReversePathDrops = true;
-    # wireguard trips rpfilter up
-    extraCommands = ''
-      ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
-      ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
-    '';
-    extraStopCommands = ''
-      ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
-      ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
-    '';
+    allowedUDPPorts = [ 51820 ];
+    enable = true;
   };
 
   # This value determines the NixOS release from which the default
diff --git a/user.nix b/user.nix
index 20177b4..0c24ad7 100644
--- a/user.nix
+++ b/user.nix
@@ -35,6 +35,7 @@
       mpv
       yt-dlp
       obs-studio
+      ffmpeg
 
       # images
       feh