From 674ec2efd4da3dc97c03f00caed7fa59d3a659f9 Mon Sep 17 00:00:00 2001
From: kat witch <kat@kittywit.ch>
Date: Tue, 7 Sep 2021 04:48:28 +0100
Subject: [PATCH] profiles/network: WG is private interface

---
 config/profiles/network.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/config/profiles/network.nix b/config/profiles/network.nix
index 43b56973..9c309195 100644
--- a/config/profiles/network.nix
+++ b/config/profiles/network.nix
@@ -14,6 +14,8 @@
       meta l4proto 89 iifname wgmesh-* accept
     '';
 
+    network.firewall.private.interfaces = singleton "wgmesh-*";
+
     networking.policyrouting = {
       enable = true;
       rules = [