3 tv.iptables: unique ports

2015-07-18 12:34:18 +02:00 · 2015-07-18 12:34:18 +02:00 · 9f3c4a2381
parent 62885ad0dd
commit 9f3c4a2381
1 changed files with 2 additions and 2 deletions
--- a/3modules/tv/iptables.nix
+++ b/3modules/tv/iptables.nix
@ -76,7 +76,7 @@ let
          "-m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT"
          "-i lo -j ACCEPT"
        ]
-        ++ map accept-new-tcp cfg.input-internet-accept-new-tcp
+        ++ map accept-new-tcp (unique cfg.input-internet-accept-new-tcp)
        ++ ["-i retiolum -j Retiolum"]
      )}
      ${concatMapStringsSep "\n" (rule: "-A Retiolum ${rule}") ([]
@ -88,7 +88,7 @@ let
            "-p ipv6-icmp -m icmp6 --icmpv6-type echo-request -j ACCEPT"
          ];
        }."ip${toString iptables-version}tables"
-        ++ map accept-new-tcp cfg.input-retiolum-accept-new-tcp
+        ++ map accept-new-tcp (unique cfg.input-retiolum-accept-new-tcp)
        ++ {
          ip4tables = [
            "-p tcp -j REJECT --reject-with tcp-reset"