forked from zentralwerk/network
nixos-module/firewall: fix
This commit is contained in:
parent
19f0ae856f
commit
46debf50c5
|
@ -5,7 +5,7 @@ lib.mkIf config.site.hosts.${hostName}.firewall.enable {
|
|||
enable = true;
|
||||
extraCommands = ''
|
||||
ip46tables -A FORWARD -i core -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
ip46tables -A FORWARD -i core -j REJECT --reject-with net-unreach
|
||||
ip46tables -A FORWARD -i core -j REJECT
|
||||
'';
|
||||
extraStopCommands = ''
|
||||
ip46tables -F FORWARD
|
||||
|
|
Loading…
Reference in New Issue