From ecd5523a9487aca271c8eeb459f4ffdb1f0b0207 Mon Sep 17 00:00:00 2001
From: DarkGuibrine
Date: Mon, 11 May 2026 19:30:15 -0300
Subject: [PATCH] Update firewall.nix
---
 hosts/darkgui-vps/config/self-host/firewall.nix | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/hosts/darkgui-vps/config/self-host/firewall.nix b/hosts/darkgui-vps/config/self-host/firewall.nix
index d67e7d0..29c5456 100644
--- a/hosts/darkgui-vps/config/self-host/firewall.nix
+++ b/hosts/darkgui-vps/config/self-host/firewall.nix
@@ -6,7 +6,6 @@
 ...
 }:
 {
-
 # Open ports in the firewall.
 networking.firewall = {
 enable = true;
@@ -21,8 +20,20 @@
 9000
 11000
 ];
+
 trustedInterfaces = [ "tailscale0" "docker0" ];
- allowedUDPPorts = [ config.services.tailscale.port ];
+ allowedUDPPorts = [
+ config.services.tailscale.port
+ 53
+ 5300
+ 7777
+ 40000
+ ];
+ extraCommands = ''
+ iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 80 -j REDIRECT --to-port 8000
+ iptables -A PREROUTING -t nat -i eth0 -p TCP --dport 53 -j REDIRECT --to-port 5300
+ iptables -A PREROUTING -t nat -i eth0 -p UDP --dport 53 -j REDIRECT --to-port 5300
+ '';
 };
 }
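Review bot: The three `iptables -A PREROUTING -t nat ...` lines in `extraCommands` are appended each time the firewall script runs and nothing visible removes them, so reloads will likely stack duplicate REDIRECT rules and a later edit to this block can leave stale redirects active; make them idempotent by preceding each with its delete form, e.g. `iptables -t nat -D PREROUTING -i eth0 -p UDP --dport 53 -j REDIRECT --to-port 5300 2>/dev/null || true`, or mirror them in `extraStopCommands`. Because the redirect is applied before the filter chain, the listeners are reached on 5300 and 8000, so `53` in `allowedUDPPorts` looks redundant while `5300` stays reachable directly; the TCP list is only partly visible in this hunk, so confirm that 8000 and 5300 are meant to be open there. The rules are IPv4-only and pinned to `eth0`, so IPv6 clients and any differently named uplink are not redirected. Publishing DNS on UDP 53 from a VPS also requires the service behind 5300 to refuse recursion for unknown clients or rate-limit responses, otherwise it can be abused as a reflector; a comment such as `# 53/5300: <service name>; 7777, 40000: <service name>` would record why each port is exposed.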