surtr: nftables

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-13 18:05:08 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-12-13 18:05:08 +0100
commit: 1f0101786a8c3eb9767132bf5317672b3cf9d16c (patch)
tree: 6fefd72f50cbea3121870f5bd0f31d917bd4d826 /hosts/surtr/default.nix
parent: 570df959e20b32884cb8ba62a6509257dbf20ce7 (diff)
download: nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar
nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.gz
nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.bz2
nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.xz
nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix
index 028ae832..61d28f22 100644
--- a/hosts/surtr/default.nix
+++ b/hosts/surtr/default.nix
@@ -64,6 +64,12 @@
        ];
      };
+      firewall.enable = false;
+      nftables = {
+        enable = true;
+        rulesetFile = ./ruleset.nft;
+      };
      firewall = {
        enable = true;
        allowPing = true;
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-13 18:05:08 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-12-13 18:05:08 +0100
commit	1f0101786a8c3eb9767132bf5317672b3cf9d16c (patch)
tree	6fefd72f50cbea3121870f5bd0f31d917bd4d826 /hosts/surtr/default.nix
parent	570df959e20b32884cb8ba62a6509257dbf20ce7 (diff)
download	nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.gz nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.bz2 nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.tar.xz nixos-1f0101786a8c3eb9767132bf5317672b3cf9d16c.zip