movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 14:10:33 +03:00
Code Activity

*: migrate to using nftables.tables instead of ruleset directly

Browse source
This commit is contained in:
Maciej Krüger 2022-12-26 00:28:57 +01:00
parent 048ef0d455
commit 311d2fa994
No known key found for this signature in database
GPG key ID: 0D948CE19CF49C5F
3 changed files with 22 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

9
nixos/modules/services/networking/firewall-nftables.nix
View file

@ -70,10 +70,8 @@ in
}
];
networking.nftables.ruleset = ''
table inet nixos-fw {
networking.nftables.tables."nixos-fw".family = "inet";
networking.nftables.tables."nixos-fw".content = ''
${optionalString (cfg.checkReversePath != false) ''
chain rpfilter {
type filter hook prerouting priority mangle + 10; policy drop;
@ -169,9 +167,6 @@ in
}
''}
}
'';
};