voronind/nix
0
0
Fork 0
Code Issues 40 Pull requests Packages Projects Releases Wiki Activity

Network: Allow syncthing.

Browse source
This commit is contained in:
Dmitry Voronin 2024-12-13 10:48:04 +03:00
parent 3a20dda62d
commit 301f08b899
5 changed files with 44 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
host/x86_64-linux/dasha/Network.nix
View file

@ -4,6 +4,14 @@
# Ssh access.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
# Syncthing.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
'';
};
}

3
host/x86_64-linux/desktop/Network.nix
View file

@ -6,6 +6,9 @@
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
# Syncthing.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027

8
host/x86_64-linux/laptop/Network.nix
View file

@ -4,6 +4,14 @@
# Ssh access.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
# Syncthing.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
'';
};
}

17
host/x86_64-linux/max/Network.nix Normal file
View file

@ -0,0 +1,17 @@
{ ... }: {
networking = {
firewall.extraCommands = ''
# Ssh access.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
# Syncthing.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
'';
};
}

8
host/x86_64-linux/pocket/Network.nix
View file

@ -4,6 +4,14 @@
# Ssh access.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
# Syncthing.
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
'';
};
}