From ceccc167d2d0e6c535b769e80254d86381f5c7de Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 25 Sep 2024 17:28:58 +0200 Subject: iptables: fix portrange usage --- krebs/3modules/iptables.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 32a5273a5..16f1f3c84 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -108,12 +108,12 @@ let }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedTCPPortRanges; }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedUDPPortRanges; }) ({ -- cgit v1.2.3