From 48dce5d6d9d19e9c560313461574152dbb795487 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Tue, 16 Jun 2015 20:48:08 +0200 Subject: networking.firewall --- bragi.nix | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/bragi.nix b/bragi.nix index 9626c5ba..3ef65f26 100644 --- a/bragi.nix +++ b/bragi.nix @@ -20,10 +20,6 @@ networking.hostId = "2af11085"; networking.wireless.enable = true; - networking.firewall = { - enable = false; - }; - nixpkgs.config.packageOverrides = pkgs: { trivmix = let trivmix = pkgs.haskellPackages.callPackage ./custom/trivmix.nix {}; in @@ -180,6 +176,15 @@ ]; }; + networking.firewall = { + enable = true; + allowPing = true; + allowTCPPorts = [ 22 + ]; + allowUDPPortRanges = [ { from = 60000; to = 61000; } # mosh + ]; + }; + services.dhcpd = { enable = true; interfaces = "enp1s0"; -- cgit v1.2.3