Firejail: Difference between revisions

← Older editNewer edit →
VisualWikitext
imported>Luflosi
m Fix grammar
imported>Onny
mNo edit summary
Line 81: Line 81:
};
};


networking.firewall.extraCommands = ''
networking.firewall = {
  iptables -t nat -A PREROUTING -i tornet -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353
  enable = true;
  iptables -t nat -A PREROUTING -i tornet -p tcp -j DNAT --to-destination 127.0.0.1:9040
  extraCommands = ''
  iptables -A INPUT -i tornet -p tcp --dport 9040 -j ACCEPT
    iptables -t nat -A PREROUTING -i tornet -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353
  iptables -A INPUT -i tornet -p udp --dport 5353 -j ACCEPT
    iptables -t nat -A PREROUTING -i tornet -p tcp -j DNAT --to-destination 127.0.0.1:9040
'';
    iptables -A INPUT -i tornet -p tcp --dport 9040 -j ACCEPT
    iptables -A INPUT -i tornet -p udp --dport 5353 -j ACCEPT
  '';
};
</syntaxhighlight>
</syntaxhighlight>


Retrieved from "https://wiki.nixos.org/wiki/Firejail"