I have a desktop which is connected to the internet through Wi-Fi and a laptop which is connected to the desktop through ethernet. I am sharing the internet to the laptop through GNOME / NetworkManager:
Except that the laptop is only able to access the internet if I disable the firewall in the host computer.
Is there a way I can change some settings so that I don’t have to disable the firewall?
This is a bit of a shot in the dark, but try setting networking.firewall.checkReversePath = "loose"; on the desktop (assuming it’s NixOS).
Yeah, there are two rp-filters (the other one in the kernel IP stack, sysctl net.ipv4.conf.default.rp_filter), which is kind of tricky
Adding networking.firewall.checkReversePath = "loose"; did not work
To be specific, the internet works for the laptop, but DNS does not.
This is my config btw:
networking = {
  firewall = {
    enable = true;
    checkReversePath = "loose";
    allowedTCPPortRanges = [
      {
        from = 4321;
        to = 4323;
      }
    ];
    allowedTCPPorts = [ 53 ];
    allowedUDPPorts = [ 53 ];
  };
};
Actually this is a pretty good solution because I can just set DNS to be 1.1.1.1.
However, for my use case (iPXE booting) I want to boot based on a local network host name, so this isn’t enough.
Even though that comment is about sharing internet through Wi-Fi and not ethernet, I think either way it is the exact same issue as mine. I will follow the discussion and hopefully this gets fixed.