Firewall: Difference between revisions
Reword and refactor layout |
m Add tip on how to log dropped/rejected network packets |
||
| Line 45: | Line 45: | ||
== Tips and tricks == | == Tips and tricks == | ||
=== Log all dropped/rejected network packets === | |||
On a vanilla NixOS install, the [https://search.nixos.org/options?show=networking.firewall.logRefusedPackets&query=networking.firewall.logRefusedPackets <code>networking.firewall.logRefusedPackets = true;</code>] stanza lets you see lines in syslog with the prefix <code>refused packet:</code>, once you <code>sudo nixos-rebuild switch</code> and then <code>sudo dmesg --follow --human | grep 'refused packet:'</code>. | |||
=== Temporary firewall rules === | === Temporary firewall rules === | ||