diff options
Diffstat (limited to 'nixos/modules/services/networking/firewall.nix')
| -rw-r--r-- | nixos/modules/services/networking/firewall.nix | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index ff023a888f268..7482e29a3fda9 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -179,10 +179,6 @@ let ) cfg.allowedUDPPortRanges ) allInterfaces)} - # Accept IPv4 multicast. Not a big security risk since - # probably nobody is listening anyway. - #iptables -A nixos-fw -d 224.0.0.0/4 -j nixos-fw-accept - # Optionally respond to ICMPv4 pings. ${optionalString cfg.allowPing '' iptables -w -A nixos-fw -p icmp --icmp-type echo-request ${optionalString (cfg.pingLimit != null) @@ -326,7 +322,7 @@ in type = types.package; default = pkgs.iptables; defaultText = literalExpression "pkgs.iptables"; - example = literalExpression "pkgs.iptables-nftables-compat"; + example = literalExpression "pkgs.iptables-legacy"; description = '' The iptables package to use for running the firewall service." |