zentralwerk/network
zentralwerk
/
network
12
4
Fork 2
Code Issues 3 Pull Requests 1 Releases Wiki Activity

nixos-module/firewall: fix allowing ospf on routers

This commit is contained in:
Astro 2024-02-05 03:52:02 +01:00
parent 19527e47fd
commit 65127a79aa
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
nix/nixos-module/firewall.nix
View File

@ -3,12 +3,11 @@
let let
hostConfig = config.site.hosts.${hostName}; hostConfig = config.site.hosts.${hostName};
in in {
lib.mkIf hostConfig.firewall.enable { networking.firewall = lib.mkIf hostConfig.firewall.enable {
networking.firewall = {
enable = true; enable = true;
extraCommands = '' extraCommands = ''
${lib.optional hostConfig.isRouter '' ${lib.optionalString hostConfig.isRouter ''
ip46tables -I nixos-fw -p ospfigp -j ACCEPT ip46tables -I nixos-fw -p ospfigp -j ACCEPT
''} ''}