1 files changed, 15 insertions, 7 deletions

diff --git a/router.nix b/router.nix
index 3cca35e..88e2ab7 100644
--- a/router.nix
+++ b/router.nix
@@ -9,13 +9,25 @@ in
 
   networking = {
     nftables.enable = true;
-    firewall.filterForward = true;
+    firewall = {
+      filterForward = true;
+      allowedTCPPorts = [ 53 ];
+      allowedUDPPorts = [
+        53
+        67
+      ];
+    };
     nat = {
       enable = true;
       externalInterface = wanInterface;
       internalInterfaces = [ "br0" ];
       forwardPorts = [
         {
+          sourcePort = 51801;
+          destination = "10.69.0.3:51801";
+          proto = "udp";
+        }
+        {
           sourcePort = 80;
           destination = "10.69.0.3:80";
         }
@@ -55,7 +67,9 @@ in
         }
       ];
     };
+    nameservers = [ "127.0.0.1" ];
   };
+
   services.hostapd = {
     enable = true;
     radios.${wifiInterface} = {
@@ -106,12 +120,6 @@ in
       ];
     };
   };
-  networking.nameservers = [ "127.0.0.1" ];
-  networking.firewall.allowedUDPPorts = [
-    53
-    67
-  ];
-  networking.firewall.allowedTCPPorts = [ 53 ];
   oden.persist.directories = [ "/var/lib/dnsmasq" ];
 
   age.secrets."wifi-password.txt".file = ./secrets/wifi-password.txt.age;