Network: Replace fw rules with full network access.
This commit is contained in:
parent
301f08b899
commit
1069d65572
|
@ -1,17 +1,9 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Ssh access.
|
# Local access.
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
|
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
|
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
|
||||||
|
|
||||||
# Syncthing.
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,9 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Ssh access.
|
# Local access.
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
|
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
|
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
|
||||||
|
|
||||||
# Syncthing.
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,9 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Ssh access.
|
# Local access.
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
|
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
|
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
|
||||||
|
|
||||||
# Syncthing.
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,9 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Ssh access.
|
# Local access.
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
|
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
|
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
|
||||||
|
|
||||||
# Syncthing.
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +1,9 @@
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
networking = {
|
networking = {
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Ssh access.
|
# Local access.
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
|
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
|
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
|
||||||
|
|
||||||
# Syncthing.
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
|
|
||||||
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
|
|
||||||
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue