From 5cb5d5de8413032484da6493b2263d224b2d251b Mon Sep 17 00:00:00 2001
From: Aditya <bluenerd@protonmail.com>
Date: Sat, 16 Mar 2024 00:24:13 +0530
Subject: [PATCH] update incus network configuration

---
 configuration.nix | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 27430f8..a367eca 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -78,6 +78,10 @@
     unmanaged = [ "virbr0" "docker0" ];
   };
 
+  networking.nftables.enable = true;
+
+  networking.firewall.trustedInterfaces = [ "incusbr0" ];
+
   # Set your time zone.
   time.timeZone = "Asia/Kolkata";
 
@@ -120,12 +124,12 @@ networking = {
   '';
   nameservers = [ "1.1.1.1" "9.9.9.9" ];
   bridges = { incusbr0.interfaces = []; };
-  firewall.extraCommands = ''
-    iptables -A INPUT incusbr0 -j ACCEPT
-    iptables -A FORWARD -o incusbr0 -j ACCEPT
-    iptables -A FORWARD -i incusbr0 -j ACCEPT
-    iptables -A OUTPUT -o incusbr0 -j ACCEPT
-  '';
+  # firewall.extraCommands = ''
+  #   iptables -A INPUT incusbr0 -j ACCEPT
+  #   iptables -A FORWARD -o incusbr0 -j ACCEPT
+  #   iptables -A FORWARD -i incusbr0 -j ACCEPT
+  #   iptables -A OUTPUT -o incusbr0 -j ACCEPT
+  # '';
 };
 
 # Enable dde