From de1cbcc69234d9301eb60bf8b074239f703f4d0e Mon Sep 17 00:00:00 2001 From: Max Veytsman Date: Sun, 3 Nov 2019 22:20:49 -0500 Subject: nixos/nat: fix typo in comment This iptables directive is marking packets coming from the internal interfaces so they can later be NATed by the rule in https://github.com/NixOS/nixpkgs/blob/22378e699682778075bcfb12cb6bf710261586f5/nixos/modules/services/networking/nat.nix#L38-L42 . Fix the comment accordingly. --- nixos/modules/services/networking/nat.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/networking/nat.nix b/nixos/modules/services/networking/nat.nix index 89d8590093dd..5681bda51cb4 100644 --- a/nixos/modules/services/networking/nat.nix +++ b/nixos/modules/services/networking/nat.nix @@ -29,7 +29,7 @@ let iptables -w -t nat -N nixos-nat-post # We can't match on incoming interface in POSTROUTING, so - # mark packets coming from the external interfaces. + # mark packets coming from the internal interfaces. ${concatMapStrings (iface: '' iptables -w -t nat -A nixos-nat-pre \ -i '${iface}' -j MARK --set-mark 1 -- cgit 1.4.1