aboutsummaryrefslogtreecommitdiff
path: root/modules/system/firewall.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/system/firewall.nix')
-rw-r--r--modules/system/firewall.nix10
1 files changed, 5 insertions, 5 deletions
diff --git a/modules/system/firewall.nix b/modules/system/firewall.nix
index 289f635..ccd5750 100644
--- a/modules/system/firewall.nix
+++ b/modules/system/firewall.nix
@@ -2,14 +2,14 @@
let
inherit (builtins) length toString replaceStrings;
- inherit (lib) flatten concatMapStringsSep optionalString splitString mkOption;
- inherit (lib.types) listOf int either submodule enum str;
+ inherit (lib) concatMapStringsSep optionalString splitString mkOption;
+ inherit (lib.types) listOf int submodule enum str;
inherit (config.nixsap.system.firewall) whitelist;
iptablesAllow = { dport, protocol, source, comment, ... }:
let
- ports = concatMapStringsSep "," toString (flatten [dport]);
+ ports = concatMapStringsSep "," toString dport;
iptables = if 1 < length (splitString ":" source)
then "ip6tables" else "iptables";
in "${iptables} -w -A nixos-fw -m multiport "
@@ -24,8 +24,8 @@ in {
type = listOf (submodule {
options = {
dport = mkOption {
- description = "Destination port or list of ports";
- type = either int (listOf int);
+ description = "Destination ports";
+ type = listOf int;
};
source = mkOption {
description = "Source specification: a network IP address (with optional /mask)";
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-20 10:14:54 +0000