From 0a820a702ab7b99ed3e437f108c6fdf14c69e9c0 Mon Sep 17 00:00:00 2001
From: Daniel Barlow <dan@telent.net>
Date: Wed, 20 Mar 2024 19:01:11 +0000
Subject: [PATCH] extneder: delete nftables kernel config

don't need nftables on a bridge. (do we? hope not)
---
 examples/extneder.nix | 35 -----------------------------------
 1 file changed, 35 deletions(-)

diff --git a/examples/extneder.nix b/examples/extneder.nix
index b86e607..2aa777d 100644
--- a/examples/extneder.nix
+++ b/examples/extneder.nix
@@ -27,41 +27,6 @@ in rec {
 
   hostname = "extneder";
 
-  kernel = {
-    config = {
-
-      NETFILTER_XT_MATCH_CONNTRACK = "y";
-
-      IP6_NF_IPTABLES = "y"; # do we still need these
-      IP_NF_IPTABLES = "y"; # if using nftables directly
-
-      # these are copied from rotuer and need review.
-      # we're not running a firewall, so why do we need
-      # nftables config?
-      IP_NF_NAT = "y";
-      IP_NF_TARGET_MASQUERADE = "y";
-      NETFILTER = "y";
-      NETFILTER_ADVANCED = "y";
-      NETFILTER_XTABLES = "y";
-
-      NFT_COMPAT = "y";
-      NFT_CT = "y";
-      NFT_LOG = "y";
-      NFT_MASQ = "y";
-      NFT_NAT = "y";
-      NFT_REJECT = "y";
-      NFT_REJECT_INET = "y";
-
-      NF_CONNTRACK = "y";
-      NF_NAT = "y";
-      NF_NAT_MASQUERADE = "y";
-      NF_TABLES = "y";
-      NF_TABLES_INET = "y";
-      NF_TABLES_IPV4 = "y";
-      NF_TABLES_IPV6 = "y";
-    };
-  };
-
   profile.wap = {
     interfaces =  with config.hardware.networkInterfaces; [
       lan