vskilet/nixos-config
1
0
Fork 0
forked from nyanloutre/nixos-config
Code Issues Pull Requests Releases Wiki Activity

firewall: limitation NFS et Slimserver au LAN

Browse Source
This commit is contained in:
nyanloutre 2019-04-27 11:34:17 +02:00
parent ef0a6f3cc9
commit e53f70e680
2 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
systems/LoutreOS/configuration.nix
View File

@ -83,6 +83,21 @@ in
internalInterfaces = [ "eno2" ]; internalInterfaces = [ "eno2" ];
}; };
firewall = {
allowedTCPPorts = [ ];
allowedUDPPorts = [ ];
interfaces.eno2 = {
allowedTCPPorts = [
111 2049 4000 4001 4002 # NFS
3483 9000 9090 # Slimserver
];
allowedUDPPorts = [
111 2049 4000 4001 4002 # NFS
3483 # Slimserver
];
};
enable = true;
};
}; };
services.dhcpd4 = { services.dhcpd4 = {
@ -108,12 +123,6 @@ in
passwordAuthentication = false; passwordAuthentication = false;
}; };
networking.firewall = {
allowedTCPPorts = [ ];
allowedUDPPorts = [ ];
enable = true;
};
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
system.stateVersion = "18.03"; system.stateVersion = "18.03";

4
systems/LoutreOS/services.nix
View File

@ -436,8 +436,6 @@ in
}; };
firewall.allowedTCPPorts = [ firewall.allowedTCPPorts = [
111 2049 4000 4001 4002 # NFS
3483 9000 9090 # Slimserver
51413 # Transmission 51413 # Transmission
8448 # Matrix federation 8448 # Matrix federation
20 21 # FTP 20 21 # FTP
@ -448,8 +446,6 @@ in
]; ];
firewall.allowedUDPPorts = [ firewall.allowedUDPPorts = [
111 2049 4000 4001 4002 # NFS
3483 # Slimserver
51413 # Transmission 51413 # Transmission
51820 # Wireguard 51820 # Wireguard
]; ];