diff options
author | Atemu <atemu.main@gmail.com> | 2023-11-20 23:23:24 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-20 23:23:24 +0100 |
commit | cfe01551540042983152c147bb158a69cbd48462 (patch) | |
tree | 4ffe6b3cc131632868a63ea01992a3f2cb029bb2 /nixos | |
parent | ea1083e832baccea1afc43c52e46e8ddea0f794b (diff) | |
parent | fa9cdc83ab2a284aeaeebbeef89ec0d7eda17943 (diff) |
Merge pull request #268324 from Janik-Haag/nixos-firewall-tool
nixos/firewall: install nixos-firewall-tool for iptables by default
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2311.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/firewall-iptables.nix | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index e2853569423dc..d14444936b5a0 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -428,6 +428,8 @@ - `zfs` was updated from 2.1.x to 2.2.0, [enabling newer kernel support and adding new features](https://github.com/openzfs/zfs/releases/tag/zfs-2.2.0). +- The iptables firewall module now installs the `nixos-firewall-tool` which allows the user to easily temporarily open ports through the firewall. + - Elixir now defaults to version [v1.15](https://elixir-lang.org/blog/2023/06/19/elixir-v1-15-0-released/). diff --git a/nixos/modules/services/networking/firewall-iptables.nix b/nixos/modules/services/networking/firewall-iptables.nix index 63e952194d671..e900868387203 100644 --- a/nixos/modules/services/networking/firewall-iptables.nix +++ b/nixos/modules/services/networking/firewall-iptables.nix @@ -301,6 +301,7 @@ in } ]; + environment.systemPackages = [ pkgs.nixos-firewall-tool ]; networking.firewall.checkReversePath = mkIf (!kernelHasRPFilter) (mkDefault false); systemd.services.firewall = { |