!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

905 Members
on your Router! Declaratively manage your switching, routing, wireless, tunneling and more.272 Servers

Load older messages

SenderMessageTime
26 May 2026
@hexa:lossy.networkhexacan I get the default nixos firewall rules with nft?10:11:28
@hexa:lossy.networkhexabecause toggling networking.nftable.enable will probably ship me an empty ruleset10:11:46
@mib:kanp.aimib 🥐 w.r.t. default, do you mean the ones that manage e.g. networking.firewall.allowed*Ports? 10:12:21
@hexa:lossy.networkhexaI mean the default chains10:12:40
@mib:kanp.aimib 🥐then yes. fairly certain it "ships" with those.10:12:55
@hexa:lossy.networkhexaok10:13:02
@hexa:lossy.networkhexawondering where to put shared declarations10:15:44
@hexa:lossy.networkhexalike subnet definitions10:15:59
@hexa:lossy.networkhexa
Download 		10:16:17
@hexa:lossy.networkhexabecause … yeah. please not per chain10:16:24
@hexa:lossy.networkhexarather per table10:16:38
@hexa:lossy.networkhexabut the template does not support that … sigh10:22:24
@hexa:lossy.networkhexaam I rolling my own again?10:23:20
@hexa:lossy.networkhexaspoilers10:32:48
@hexa:lossy.networkhexano I am not10:32:49
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/52440510:33:23
@hexa:lossy.networkhexaanywho wants to speed-run a review?10:34:27
@hexa:lossy.networkhexaI'm also willing to bikeshed the option name, if anyone here is into that10:39:35
@hexa:lossy.networkhexaRedacted or Malformed Event10:39:48
@hexa:lossy.networkhexahuh, in nixos/infra we use10:45:25
@hexa:lossy.networkhexa 
    tables."nixos-fw".content = lib.mkBefore ''
10:45:27
@hexa:lossy.networkhexaI guess that also works but is slightly less discoverable10:45:45
@hexa:lossy.networkhexa 
dbfb853 Martin Weinelt 2025-09-21 17:15 +0200   9│     tables."nixos-fw".content = lib.mkBefore ''
10:45:57
@hexa:lossy.networkhexaand of course I don't remember doing that anymore … sigh10:46:23
@hexa:lossy.networkhexaso probably still a worthwhile change10:46:55
@mib:kanp.aimib 🥐maybe this is a matter of documentation then?16:18:01
@tom:dragar.deTomAnyone interested in reviewing a bird update? https://github.com/NixOS/nixpkgs/pull/52402418:33:27
27 May 2026
@isabel:isabelroses.comisabel changed their profile picture.21:17:11
29 May 2026
@lassulus:lassul.uslassulus changed their profile picture.07:07:21
@elisaado:elisaado.comEli Saado is anyone aware of networking.firewall.* options that only apply to one address family? e.g. networking.firewall.allowedTCPPorts for v6 only? 20:05:43

Show newer messages

Back to Room ListRoom Version: 6