diff options
author | Profpatsch <mail@profpatsch.de> | 2018-12-22 00:15:00 +0100 |
---|---|---|
committer | Profpatsch <mail@profpatsch.de> | 2018-12-22 00:15:00 +0100 |
commit | df8d40b1a0ba65b4706628e12f895fb7839b2a3b (patch) | |
tree | 14a65d88654bb2ad9636bfb922dfd0747c2cc588 /machines/profpatsch/base-workstation.nix | |
parent | f790ef33812bd8058a51a26dae1a1910e10722e6 (diff) |
machines/profpatsch/workstation: enable firewall
Diffstat (limited to 'machines/profpatsch/base-workstation.nix')
-rw-r--r-- | machines/profpatsch/base-workstation.nix | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/machines/profpatsch/base-workstation.nix b/machines/profpatsch/base-workstation.nix index e19a755b..41753ebd 100644 --- a/machines/profpatsch/base-workstation.nix +++ b/machines/profpatsch/base-workstation.nix @@ -22,7 +22,13 @@ in { hardware.cpu.intel.updateMicrocode = true; networking = { - firewall.enable = false; + # better for untrusted networks + firewall = { + enable = true; + # for manual/temporary stuff + allowedTCPPortRanges = + [{ from = 9990; to = 9999; }]; + }; }; i18n = { |