Networking: Difference between revisions

@@ Line 120: / Line 120: @@
 === Virtualization ===
+Sometimes complex network configurations with VPNs or firewall rules you may need extra configurations in order for your VMs to have network access. It is recommended to use more granular control over the ports instead of simply allowing the entire interface.<syntaxhighlight lang="nix">networking = {
-== Sometimes with complex network configurations such as with VPNs or firewall rules you may need extra configurations in order for your VMs to have network access. ==
-<syntaxhighlight lang="nix">
-networking = {
    firewall = {
      enable = true;
-     trustedInterfaces = [
+     # Allows the entire interface through the firewall.
-      "virbr0"
+    # trustedInterfaces = [
-     ];
+    #   "virbr0"
+     # ];
+    # Allows individual ports through the firewall.
+    interfaces = {
+      virbr0 = {
+        allowedUDPPorts = [
+          # DNS
+          # DHCP
+          # You may want to allow more ports such as ipv6 and other services here.
+        ];
+      };
+    };
    };
    nat = {
@@ Line 138: / Line 149: @@
      ];
    };
-};
+};</syntaxhighlight>
-</syntaxhighlight>
 == IPv6 ==