tixie/nixcfg
1
0
Fork 0
forked from Deuxfleurs/nixcfg
Code Pull requests Activity

Fix firewall rule for IGD

Browse source
This commit is contained in:
Alex 2022-05-09 00:29:17 +02:00
parent 178107af0c
commit 1e23341710
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nix/deuxfleurs.nix
View file

@ -219,7 +219,7 @@ in
# Allow specific hosts access to specific things in the cluster
extraCommands = ''
# Allow everything from router (usefull for UPnP/IGD)
iptables -A INPUT -s 192.168.1.254 -j ACCEPT
iptables -A INPUT -s ${cfg.lan_default_gateway} -j ACCEPT
# Allow docker containers to access all ports
iptables -A INPUT -s 172.17.0.0/16 -j ACCEPT
@ -230,7 +230,7 @@ in
# When stopping firewall, delete all rules that were configured manually above
extraStopCommands = ''
iptables -D INPUT -s 192.168.1.254 -j ACCEPT
iptables -D INPUT -s ${cfg.lan_default_gateway} -j ACCEPT
iptables -D INPUT -s 172.17.0.0/16 -j ACCEPT
iptables -D INPUT -s ${cfg.wesher_cluster_prefix}/${toString cfg.wesher_cluster_prefix_length} -j ACCEPT
'';