diff options
| author | lassulus <git@lassul.us> | 2024-09-25 17:28:58 +0200 |
|---|---|---|
| committer | lassulus <git@lassul.us> | 2024-09-25 17:28:58 +0200 |
| commit | ceccc167d2d0e6c535b769e80254d86381f5c7de (patch) | |
| tree | 1a11bdd47e5afc2c61cf8d7dd9e3833120593cff /krebs/3modules/iptables.nix | |
| parent | bccbc3f313ef3a8adcc96db95685c16f9062db19 (diff) | |
iptables: fix portrange usage
Diffstat (limited to 'krebs/3modules/iptables.nix')
| -rw-r--r-- | krebs/3modules/iptables.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 32a5273a5..16f1f3c84 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -108,12 +108,12 @@ let }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedTCPPortRanges; }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedUDPPortRanges; }) ({ |