makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions1 Packages Projects Releases Wiki Activity

3 tv.iptables: allow numeric ports

Browse source
This commit is contained in:
tv 2015-07-19 16:12:21 +02:00
parent 6db748f4b5
commit c441f091d3
1 changed files with 4 additions and 4 deletions

8
3modules/tv/iptables.nix
View file

@ -14,12 +14,12 @@ let
enable = mkEnableOption "tv.iptables";
input-internet-accept-new-tcp = mkOption {
type = with types; listOf str;
type = with types; listOf (either int str);
default = [];
};
input-retiolum-accept-new-tcp = mkOption {
type = with types; listOf str;
type = with types; listOf (either int str);
default = [];
};
};
@ -76,7 +76,7 @@ let
"-m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT"
"-i lo -j ACCEPT"
]
++ map accept-new-tcp (unique cfg.input-internet-accept-new-tcp)
++ map accept-new-tcp (unique (map toString cfg.input-internet-accept-new-tcp))
++ ["-i retiolum -j Retiolum"]
)}
${concatMapStringsSep "\n" (rule: "-A Retiolum ${rule}") ([]
@ -88,7 +88,7 @@ let
"-p ipv6-icmp -m icmp6 --icmpv6-type echo-request -j ACCEPT"
];
}."ip${toString iptables-version}tables"
++ map accept-new-tcp (unique cfg.input-retiolum-accept-new-tcp)
++ map accept-new-tcp (unique (map toString cfg.input-retiolum-accept-new-tcp))
++ {
ip4tables = [
"-p tcp -j REJECT --reject-with tcp-reset"