colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/firewall: canonicalize firewall ports lists

Browse Source 
Fixes #56086.
This commit is contained in:
Pierre Bourdon 2019-03-09 19:59:01 +01:00
parent 843215ac1c
commit 18bc8203a1
No known key found for this signature in database
GPG Key ID: 6FB80DCD84DA0F1C
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/modules/services/networking/firewall.nix
View File

@ -261,10 +261,14 @@ let
fi
'';
canonicalizePortList =
ports: lib.unique (builtins.sort builtins.lessThan ports);
commonOptions = {
allowedTCPPorts = mkOption {
type = types.listOf types.port;
default = [ ];
apply = canonicalizePortList;
example = [ 22 80 ];
description =
''
@ -287,6 +291,7 @@ let
allowedUDPPorts = mkOption {
type = types.listOf types.port;
default = [ ];
apply = canonicalizePortList;
example = [ 53 ];
description =
''