Firewall: Difference between revisions
Add a section on how to configure the nftables firewall with more fine-grained rules than just 'allowed ports'. |
m →Temporary firewall rules: Remove statement that nixos-firewall-tool only works with iptables |
| (One intermediate revision by one other user not shown) | |||
| Line 58: | Line 58: | ||
</nowiki>}} | </nowiki>}} | ||
This will add the two specified rules to the <code>input-allow</code> chain in the <code>nixos-fw</code> table. You should of, | This will add the two specified rules to the <code>input-allow</code> chain in the <code>nixos-fw</code> table. You should, of course, replace the port and subnets with your own. | ||
== Tips and tricks == | == Tips and tricks == | ||
| Line 68: | Line 68: | ||
=== Temporary firewall rules === | === Temporary firewall rules === | ||
For temporary changes to the firewall rules, you can install the [https://search.nixos.org/packages?query=nixos-firewall-tool <code>nixos-firewall-tool</code>] package, which is a [https://github.com/NixOS/nixpkgs/blob/7eee17a8a5868ecf596bbb8c8beb527253ea8f4d/pkgs/by-name/ni/nixos-firewall-tool/nixos-firewall-tool.sh thin wrapper] around <code>iptables</code> and <code>nftables</code>. | |||
[[Category:Server]] | [[Category:Server]] | ||
[[Category:Applications]] | [[Category:Applications]] | ||
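Review bot: The sentence added under "Temporary firewall rules" presents <code>nixos-firewall-tool</code> as the way to make temporary changes, but it never says what makes the changes temporary or how to undo one. Add a sentence stating when rules created with the tool stop applying and how to remove one by hand, so a reader does not leave a port open longer than intended. A short usage line would also help, since the text currently names the package without showing how to invoke it. Separately, the "thin wrapper" link points at a specific nixpkgs commit, which keeps the reference stable but will not follow later changes to the script. Either say that the claim about <code>iptables</code> and <code>nftables</code> support is as of that commit, or link the current file as well.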