summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <git@lassul.us>2023-09-04 10:19:43 +0200
committerlassulus <git@lassul.us>2023-09-04 10:19:43 +0200
commit472e71f1d67e9df8ba5248bcf0854dc475fdb95b (patch)
treeab05064cbdddca084f4b93ef8fde5554463e1768
parentdcb9216d5c5e916378cca66aa09960a108d7b05e (diff)
l prism.r: allow samba from wiregrill
-rw-r--r--lass/1systems/prism/config.nix4
1 files changed, 2 insertions, 2 deletions
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 0753b69b5..e93183c9e 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -292,7 +292,7 @@ with import <stockholm/lib>;
netbios name = PRISM
server string = ${config.networking.hostName}
# only allow retiolum addresses
- hosts allow = 42::/16 10.243.0.0/16
+ hosts allow = 42::/16 10.243.0.0/16 10.244.0.0/16
# Use sendfile() for performance gain
use sendfile = true
@@ -334,13 +334,13 @@ with import <stockholm/lib>;
krebs.iptables.tables.filter.INPUT.rules = [
# smbd
{ predicate = "-i retiolum -p tcp --dport 445"; target = "ACCEPT"; }
-
{ predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p tcp --dport 445"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }