From 52c30a2f8b6549b914963fb1ab40ea8d98b71c8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vili=20Sinerv=C3=A4?= Date: Sat, 21 Dec 2024 17:57:15 +0200 Subject: [PATCH] Test using Jool for IPv4 -> 6 port forwarding --- machine-confs/exoplasim.nix | 4 ++++ services/nat64.nix | 40 ++++++++++++++++++++++++++++++++++++- 2 files changed, 43 insertions(+), 1 deletion(-) diff --git a/machine-confs/exoplasim.nix b/machine-confs/exoplasim.nix index ca776f5..2fe83cb 100644 --- a/machine-confs/exoplasim.nix +++ b/machine-confs/exoplasim.nix @@ -20,6 +20,10 @@ # presharedKeyFile = "/root/wireguard-keys/psk"; # allowedIPs = [ "10.0.0.2/32" ]; # } + { + publicKey = "9FOmHXs0CmDlW61noS7DqhgH5GfQHzg8ZMasyNQACSc="; + allowedIPs = [ "10.0.0.2/32" ]; + } ]; }; }; diff --git a/services/nat64.nix b/services/nat64.nix index 0b2def7..4a5c5d5 100644 --- a/services/nat64.nix +++ b/services/nat64.nix @@ -2,6 +2,44 @@ { networking.jool = { enable = true; - nat64.default = { }; + nat64.default = { + global.pool6 = "64:ff9b::/96"; # Default value made explicit for clarity + + # Port forwarding + bib = [ + { + # ExoPlaSim WireGuard + "protocol" = "UDP"; + "ipv4 address" = "192.168.1.1#51821"; + "ipv6 address" = "fd08:d473:bcca:0:699b:fcbf:f142:225c#51821"; + } + ]; + + pool4 = [ + # Port ranges for dynamic translation + { + protocol = "TCP"; + prefix = "192.168.1.1/32"; + "port range" = "30001-50000"; + } + { + protocol = "UDP"; + prefix = "192.168.1.1/32"; + "port range" = "30001-50000"; + } + { + protocol = "ICMP"; + prefix = "192.168.1.1/32"; + "port range" = "30001-50000"; + } + + # Ports for static BIB entries + { + protocol = "UDP"; + prefix = "192.168.1.1/32"; + "port range" = "51821"; + } + ]; + }; }; }