l prism.r: allow samba from wiregrill

2023-09-04 10:19:43 +02:00 · 2023-09-04 10:19:43 +02:00 · 472e71f1d6
parent dcb9216d5c
commit 472e71f1d6
1 changed files with 2 additions and 2 deletions
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@ -292,7 +292,7 @@ with import <stockholm/lib>;
          netbios name = PRISM
          server string = ${config.networking.hostName}
          # only allow retiolum addresses
-          hosts allow = 42::/16 10.243.0.0/16
+          hosts allow = 42::/16 10.243.0.0/16 10.244.0.0/16

          # Use sendfile() for performance gain
          use sendfile = true
@ -334,13 +334,13 @@ with import <stockholm/lib>;
      krebs.iptables.tables.filter.INPUT.rules = [
         # smbd
         { predicate = "-i retiolum -p tcp --dport 445"; target = "ACCEPT"; }
-
         { predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; }
         { predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; }
+         { predicate = "-i wiregrill -p tcp --dport 445"; target = "ACCEPT"; }
         { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
         { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
         { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }