From 25e3c091a07374f49ff74d0a69a4515715bff43b Mon Sep 17 00:00:00 2001
From: Domen Kožar
Date: Thu, 12 May 2016 11:02:43 +0100
Subject: Revert "nixos/nat: Allow nat without an externalInterface"
This reverts commit 431a98b12b5e1cc51181da815870dda5e23709f8.
Breaks nixos tests: http://hydra.nixos.org/build/35538207
---
nixos/modules/services/networking/nat.nix | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
(limited to 'nixos/modules/services/networking/nat.nix')
diff --git a/nixos/modules/services/networking/nat.nix b/nixos/modules/services/networking/nat.nix
index f35b0f68e3e..9d163e60d5e 100644
--- a/nixos/modules/services/networking/nat.nix
+++ b/nixos/modules/services/networking/nat.nix
@@ -12,9 +12,6 @@ let dest = if cfg.externalIP == null then "-j MASQUERADE" else "-j SNAT --to-source ${cfg.externalIP}"; - externalInterfaceFilter = param: - optionalString (cfg.externalInterface != null) "${param} ${cfg.externalInterface}"; - flushNat = '' iptables -w -t nat -D PREROUTING -j nixos-nat-pre 2>/dev/null|| true iptables -w -t nat -F nixos-nat-pre 2>/dev/null || true
@@ -39,20 +36,19 @@ let # NAT the marked packets. ${optionalString (cfg.internalInterfaces != []) '' iptables -w -t nat -A nixos-nat-post -m mark --mark 1 \ - ${externalInterfaceFilter "-o"} ${dest} + -o ${cfg.externalInterface} ${dest} ''} # NAT packets coming from the internal IPs. ${concatMapStrings (range: '' iptables -w -t nat -A nixos-nat-post \ - -s '${range}' \! -d '${range}' - ${externalInterfaceFilter "-o"} ${dest} + -s '${range}' -o ${cfg.externalInterface} ${dest} '') cfg.internalIPs} # NAT from external ports to internal ports. ${concatMapStrings (fwd: '' iptables -w -t nat -A nixos-nat-pre \ - ${externalInterfaceFilter "-i"} -p tcp \ + -i ${cfg.externalInterface} -p tcp \ --dport ${builtins.toString fwd.sourcePort} \ -j DNAT --to-destination ${fwd.destination} '') cfg.forwardPorts}
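Review bot: The three restored rules put `${cfg.externalInterface}` into the generated shell text unquoted (`-o` in the mark rule and the internalIPs rule, `-i` in the DNAT rule), while `${range}` in the same rule is single-quoted. The option is declared as a plain `types.str` in the hunk at -104, so an empty value or one containing whitespace would turn into a different iptables argument list rather than a rejected setting; I would write `-o '${cfg.externalInterface}'` and `-i '${cfg.externalInterface}'`. `${fwd.destination}` in the DNAT rule has the same shape. The surrounding let-binding starts and ends outside the hunk, so whether a failing iptables call aborts the script cannot be confirmed from here.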
@@ -104,8 +100,7 @@ in }; networking.nat.externalInterface = mkOption { - type = types.nullOr types.str; - default = null; + type = types.str; example = "eth1"; description = ''
-- cgit 1.4.1
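Review bot: `networking.nat.externalInterface` now has no default and the restored rules use it unconditionally, but nothing visible in the option tells the administrator that it is mandatory; the `description` text continues outside the hunk, so it presumably still carries the old wording. I would add a sentence to the description such as `This option must be set when NAT is enabled; the NAT and port-forwarding rules are bound to this interface.` The `-i` match on this interface is also what keeps the DNAT port forwards from applying to traffic arriving on other interfaces, which is worth stating there.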