nixos/modules/cascade-router.nix

{ config, pkgs, lib, ... }:

{
  config = {
    #system.activationScripts."arpFilter" = ''
    #PATH=${pkgs.procps}/bin:${pkgs.iptables}/bin:$PATH
    #  sysctl net.ipv4.conf.all.arp_filter=1
    #  sysctl net.ipv4.conf.default.arp_filter=1
    #'';

    environment.systemPackages = with pkgs; [
      tcpdump
    ];

    networking = {
      nat = {
        enable = true;
        externalInterface = "wan0";
        internalInterfaces = [ "lan0" "sec0" ];
      };
      useHostResolvConf = false;
      useNetworkd = true;
      useDHCP = false;
      interfaces."wan0" = {
        useDHCP = true;
        #macAddress = "a0:ce:c8:c6:d2:5f";
      };
    };

    system.stateVersion = "24.05";
  };
}