shinobu/router: Reduce semicolon usage

Only use it where it is necessary
2023-09-08 13:08:43 +02:00 · 2023-09-08 13:08:43 +02:00 · 94fcee359a
parent 2dab79f0bc
commit 94fcee359a
1 changed files with 17 additions and 15 deletions
--- a/machines/shinobu/services/router.nix
+++ b/machines/shinobu/services/router.nix
@ -66,7 +66,7 @@ in
        table inet filter {
          chain forward {
-            type filter hook forward priority filter; policy drop;
+            type filter hook forward priority filter; policy drop
            # Use MSS clamping
            # to avoid too large packets from client on the lan
@ -74,38 +74,40 @@ in
            iifname wg-upstream tcp flags syn / syn,rst tcp option maxseg size set rt mtu
            oifname wg-upstream tcp flags syn / syn,rst tcp option maxseg size set rt mtu
-            iifname $NAT_LAN_IFACES oifname $NAT_WAN_IFACES counter accept;
+            iifname $NAT_LAN_IFACES oifname $NAT_WAN_IFACES counter accept
-            iifname $NAT_WAN_IFACES oifname $NAT_LAN_IFACES ct state established,related counter accept;
+            iifname $NAT_WAN_IFACES oifname $NAT_LAN_IFACES ct state established,related counter accept
            # plastic router
-            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip daddr $PLASTIC_ROUTER_V4 counter accept;
+            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip daddr $PLASTIC_ROUTER_V4 counter accept
-            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip saddr $PLASTIC_ROUTER_V4 ct state established,related counter accept;
+            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip saddr $PLASTIC_ROUTER_V4 ct state established,related counter accept
-            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip daddr $VUEKO_V4 udp dport $VUEKO_PORT counter accept;
+            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip daddr $VUEKO_V4 udp dport $VUEKO_PORT counter accept
-            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip saddr $VUEKO_V4 udp sport $VUEKO_PORT ct state established,related counter accept;
+            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip saddr $VUEKO_V4 udp sport $VUEKO_PORT ct state established,related counter accept
-            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip6 daddr $VUEKO_V6 udp dport $VUEKO_PORT counter accept;
+            iifname $NAT_LAN_IFACES oifname $PHYSICAL_WAN ip6 daddr $VUEKO_V6 udp dport $VUEKO_PORT counter accept
-            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip6 saddr $VUEKO_V6 udp sport $VUEKO_PORT ct state established,related counter accept;
+            iifname $PHYSICAL_WAN oifname $NAT_LAN_IFACES ip6 saddr $VUEKO_V6 udp sport $VUEKO_PORT ct state established,related counter accept
          }
        }
        table inet nat {
          chain prerouting {
-            type nat hook prerouting priority filter; policy accept;
+            type nat hook prerouting priority filter; policy accept
          }
          chain postrouting {
-            type nat hook postrouting priority filter; policy accept;
+            type nat hook postrouting priority filter; policy accept
-            oifname $MASQUERADE_IFACES masquerade;
+            oifname $MASQUERADE_IFACES masquerade
          }
        }
        table inet mangle {
          chain output {
-            type route hook output priority mangle;
+            type route hook output priority mangle
            # Add fwmark noVpnMark to packets to vueko, so it will get routed correctly
-            ip daddr $VUEKO_V4 udp dport $VUEKO_PORT mark set ${toString noVpnFwMark} counter;
+            ip daddr $VUEKO_V4 udp dport $VUEKO_PORT mark set ${toString noVpnFwMark} counter
-            ip6 daddr $VUEKO_V6 udp dport $VUEKO_PORT mark set ${toString noVpnFwMark} counter;
+            ip6 daddr $VUEKO_V6 udp dport $VUEKO_PORT mark set ${toString noVpnFwMark} counter
          }
        }
          }
        }
      '';