makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions1 Packages Projects Releases Wiki Activity

iptables: fix range definition

Browse source
This commit is contained in:
lassulus 2022-03-25 14:29:50 +01:00
parent a0c8d21863
commit ae9c0b1271
1 changed files with 2 additions and 2 deletions

4
krebs/3modules/iptables.nix
View file

@ -125,8 +125,8 @@ let
(interface: interfaceConfig: [ (interface: interfaceConfig: [
(map (port: { predicate = "-i ${interface} -p tcp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPorts) (map (port: { predicate = "-i ${interface} -p tcp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPorts)
(map (port: { predicate = "-i ${interface} -p udp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPorts) (map (port: { predicate = "-i ${interface} -p udp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPorts)
(map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges) (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges)
(map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges) (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges)
]) ])
config.networking.firewall.interfaces config.networking.firewall.interfaces
); );