From 520d750404ab36078dbd75200e3756d15b11def3 Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Tue, 2 Feb 2021 21:40:30 +0100
Subject: [PATCH] firewall: Entirely disable reverse path checking
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This hopefully fixes #26 (or more specific a regression caused by it,
see the comment in the issue). I didn’t test it for long, but it seems
to work.
---
 modules/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/default.nix b/modules/default.nix
index 04472f8..2458982 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -96,7 +96,7 @@ in
 
     # When this is set to true (default), routing everything through a
     # wireguard tunnel does not work.
-    networking.firewall.checkReversePath = "loose";
+    networking.firewall.checkReversePath = false;
 
     nix = {
       nixPath = [