From 29cfc56f759df0857e9ef2fa2578859c0cd5dfd8 Mon Sep 17 00:00:00 2001
From: schweby <schweby@posteo.net>
Date: Fri, 26 Mar 2021 10:40:10 +0100
Subject: [PATCH] hainich: block x_tables module

this also blocks the x_tables module to prent it from loading
ip_tables
---
 hosts/hainich/configuration.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/hosts/hainich/configuration.nix b/hosts/hainich/configuration.nix
index ce2a565..55b1ad0 100644
--- a/hosts/hainich/configuration.nix
+++ b/hosts/hainich/configuration.nix
@@ -27,8 +27,9 @@
   boot.loader.grub.device = "/dev/sda";
   boot.supportedFilesystems = [ "zfs" ];
 
-  # stop presumably docker form loading ip_tables and breaking nftables
-  boot.blacklistedKernelModules = [ "ip_tables" "ip6_tables" ]; 
+  # stop *something* form loading ip_tables and breaking nftables
+  boot.blacklistedKernelModules = [ "ip_tables" "ip6_tables"  "x_tables"]; 
+
 
   # networking
   networking.hostName = "hainich";