NAT and Port forwarding


I was looking at the NAT settings for NixOS and realized that you needed the add extra iptables commands to the firewall to be able to do NAT.

I cannot seem to find a reason on the issues and pull requests mentioning the module to why this wasn’t implemented in the firewall module directly when you enable the networking NAT option.

Is there a particular reason why this is not possible ? If not, I’d like to start working on a pull request to add the iptable rules directly when using NAT.

What do you think?

Best regards,


Are you aware of networking.nat?

That is what I am saying, it appears that from this page, you need to add an iptable command to make it work.

Did you test it? I don’t know why that command is there: it shouldn’t be necessary.

I cannot test it right now but I am pretty sure that when I used it (in May) it was necessary to make it work.