iptables: fix range definition

author: lassulus <lassulus@lassul.us> 2022-03-25 14:29:50 +0100
committer: lassulus <lassulus@lassul.us> 2022-03-25 14:29:50 +0100
commit: ae9c0b12710b5361d0d45510eb401eebfc1b3fb0 (patch)
tree: 8801ae68e3c0a02c43108674d4f1a9ccc1e9256f /krebs/3modules/iptables.nix
parent: a0c8d2186301b21e5922ce34654b76cff0f44fb9 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 3bab13b0..7007090c 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -125,8 +125,8 @@ let
         (interface: interfaceConfig: [
           (map (port: { predicate = "-i ${interface} -p tcp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPorts)
           (map (port: { predicate = "-i ${interface} -p udp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPorts)
-          (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges)
-          (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges)
+          (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges)
+          (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges)
         ])
         config.networking.firewall.interfaces
       );
author	lassulus <lassulus@lassul.us>	2022-03-25 14:29:50 +0100
committer	lassulus <lassulus@lassul.us>	2022-03-25 14:29:50 +0100
commit	ae9c0b12710b5361d0d45510eb401eebfc1b3fb0 (patch)
tree	8801ae68e3c0a02c43108674d4f1a9ccc1e9256f /krebs/3modules/iptables.nix
parent	a0c8d2186301b21e5922ce34654b76cff0f44fb9 (diff)