30 lines
611 B
Nix
30 lines
611 B
Nix
{ lib, ... }:
|
|
|
|
let
|
|
inherit (lib) mkOption types;
|
|
in
|
|
|
|
{
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = "Enable iptables.";
|
|
};
|
|
|
|
input-internet-accept-new-tcp = mkOption {
|
|
type = with types; listOf str;
|
|
default = [];
|
|
description = ''
|
|
ip{4,6}tables -A INPUT -j ACCEPT -p tcp --dport $port -m conntrack --ctstate NEW
|
|
'';
|
|
};
|
|
|
|
input-retiolum-accept-new-tcp = mkOption {
|
|
type = with types; listOf str;
|
|
default = [];
|
|
description = ''
|
|
ip{4,6}tables -A Retiolum -j ACCEPT -p tcp --dport $port -m conntrack --ctstate NEW
|
|
'';
|
|
};
|
|
}
|