diff --git a/host/x86_64-linux/dasha/Network.nix b/host/x86_64-linux/dasha/Network.nix index 8d4e8367..9719b357 100644 --- a/host/x86_64-linux/dasha/Network.nix +++ b/host/x86_64-linux/dasha/Network.nix @@ -4,6 +4,14 @@ # Ssh access. iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143 + + # Syncthing. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027 ''; }; } diff --git a/host/x86_64-linux/desktop/Network.nix b/host/x86_64-linux/desktop/Network.nix index bb763fd8..9719b357 100644 --- a/host/x86_64-linux/desktop/Network.nix +++ b/host/x86_64-linux/desktop/Network.nix @@ -6,6 +6,9 @@ ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143 # Syncthing. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027 diff --git a/host/x86_64-linux/laptop/Network.nix b/host/x86_64-linux/laptop/Network.nix index 8d4e8367..9719b357 100644 --- a/host/x86_64-linux/laptop/Network.nix +++ b/host/x86_64-linux/laptop/Network.nix @@ -4,6 +4,14 @@ # Ssh access. iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143 + + # Syncthing. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027 ''; }; } diff --git a/host/x86_64-linux/max/Network.nix b/host/x86_64-linux/max/Network.nix new file mode 100644 index 00000000..9719b357 --- /dev/null +++ b/host/x86_64-linux/max/Network.nix @@ -0,0 +1,17 @@ +{ ... }: { + networking = { + firewall.extraCommands = '' + # Ssh access. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143 + + # Syncthing. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027 + ''; + }; +} diff --git a/host/x86_64-linux/pocket/Network.nix b/host/x86_64-linux/pocket/Network.nix index 8d4e8367..9719b357 100644 --- a/host/x86_64-linux/pocket/Network.nix +++ b/host/x86_64-linux/pocket/Network.nix @@ -4,6 +4,14 @@ # Ssh access. iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22143 ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143 + + # Syncthing. + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000 + iptables -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000 + ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027 ''; }; }