diff options
author | lassulus <lassulus@lassul.us> | 2022-03-25 14:29:50 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2022-03-25 14:29:50 +0100 |
commit | ae9c0b12710b5361d0d45510eb401eebfc1b3fb0 (patch) | |
tree | 8801ae68e3c0a02c43108674d4f1a9ccc1e9256f | |
parent | a0c8d2186301b21e5922ce34654b76cff0f44fb9 (diff) |
iptables: fix range definition
-rw-r--r-- | krebs/3modules/iptables.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 3bab13b0e..7007090c0 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -125,8 +125,8 @@ let (interface: interfaceConfig: [ (map (port: { predicate = "-i ${interface} -p tcp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPorts) (map (port: { predicate = "-i ${interface} -p udp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPorts) - (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges) - (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges) + (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges) + (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges) ]) config.networking.firewall.interfaces ); |