New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable work variant firewall with iptables-compat #66953
Conversation
@GrahamcOfBorg build iptables iptables-compat |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Izorkin overall looks like a good change 👍 I don't know enough about the networking stack to merge this, but we can ping a few people and try to get a good thorough review+merge.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The package options are good I think. Not sure about always building the variant nor renaming the package. Can't judge the rest of the PR.
0695629
to
00b86ae
Compare
Updated default configuration in the serice fail2ban. Added custom options: banaction, bantime-increment, bantime-increment-config. |
a34120e
to
32f6ce3
Compare
Moved fail2ban changes to PR #67931 |
Same as debian, more clarity what the package is about.
@Mic92 thanks! |
Enable work variant firewall with iptables-compat (cherry picked from commit 8c7667c)
Motivation for this change
Enable work variant firewall and fail2ban with iptables-compat - nftables compatibility.
Example configuration:
Work tested in a virtual machine.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @