diff options
author | Janik H. <janik@aq0.de> | 2023-11-18 16:00:33 +0100 |
---|---|---|
committer | Janik H. <janik@aq0.de> | 2023-11-18 17:08:30 +0100 |
commit | fa9cdc83ab2a284aeaeebbeef89ec0d7eda17943 (patch) | |
tree | 4a720b4b9af6b81fbeffcae241909c4a06afde9d /nixos | |
parent | b9aa1e958b732626062f78fd0a0dd60ae42d84a6 (diff) |
nixos/firewall: install nixos-firewall-tool for iptables by default
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2311.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/firewall-iptables.nix | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index d12695e20dea6..2bbbdd58ad907 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -425,6 +425,8 @@ - `zfs` was updated from 2.1.x to 2.2.0, [enabling newer kernel support and adding new features](https://github.com/openzfs/zfs/releases/tag/zfs-2.2.0). +- The iptables firewall module now installs the `nixos-firewall-tool` which allows the user to easily temporarily open ports through the firewall. + - Elixir now defaults to version [v1.15](https://elixir-lang.org/blog/2023/06/19/elixir-v1-15-0-released/). diff --git a/nixos/modules/services/networking/firewall-iptables.nix b/nixos/modules/services/networking/firewall-iptables.nix index 63e952194d671..e900868387203 100644 --- a/nixos/modules/services/networking/firewall-iptables.nix +++ b/nixos/modules/services/networking/firewall-iptables.nix @@ -301,6 +301,7 @@ in } ]; + environment.systemPackages = [ pkgs.nixos-firewall-tool ]; networking.firewall.checkReversePath = mkIf (!kernelHasRPFilter) (mkDefault false); systemd.services.firewall = { |