make parsons/nftables.nix nicer #10

Closed
stuebinm wants to merge 1 commit from nicer-nftables into main
Owner

This re-uses the (currently unused) config options networking.firewall.allowed{TCP,UDP}Port{Range,}s again.

It's a no-op as far as actual config is concerned, but I think it makes the config easier to work with, though there are still many other networking options which we set that currently do nothing (e.g. the network bridge to lxc).

I'm not sure how much of these we want to solve like this; if we do too many, we'd wind up maintaining yet another nftables module.

Alternatively, we could also decide that using nftables "by hand" is fine with us. but then we should probably remove all the config options which don't do anything anymore..

This re-uses the (currently unused) config options `networking.firewall.allowed{TCP,UDP}Port{Range,}s` again. It's a no-op as far as actual config is concerned, but I think it makes the config easier to work with, though there are still many other networking options which we set that currently do nothing (e.g. the network bridge to lxc). I'm not sure how much of these we want to solve like this; if we do too many, we'd wind up maintaining yet another nftables module. Alternatively, we could also decide that using nftables "by hand" is fine with us. but then we should probably remove all the config options which don't do anything anymore..
stuebinm added 1 commit 2024-04-06 13:02:45 +00:00
f389de9c55 nftables: use networking.firewall.allowed{TCP,UDP}Port{s,Ranges}
This is a no-op as far as actual config is concerned, but allows using
the usual networking options again, which before this commit were just
old unused code lying around.

There are still many other networking options which we set that
currently do nothing (e.g. the network bridge to lxc).
stuebinm requested review from moira 2024-04-06 13:03:14 +00:00
Owner

made redundant with 1ad0a7751c

made redundant with 1ad0a7751c166cfe190122b70a06cf80c5491709
moira closed this pull request 2024-04-07 14:33:07 +00:00

Pull request closed

Sign in to join this conversation.
No reviewers
No labels
No milestone
No project
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: hacc/haccfiles#10
No description provided.