nixos/firewall: install nixos-firewall-tool for iptables by default

2023-11-18 16:00:33 +01:00 · 2023-11-18 16:00:33 +01:00 · fa9cdc83ab
commit fa9cdc83ab
parent b9aa1e958b
2 changed files with 3 additions and 0 deletions
--- a/nixos/doc/manual/release-notes/rl-2311.section.md
+++ b/nixos/doc/manual/release-notes/rl-2311.section.md
@ -425,6 +425,8 @@

 - `zfs` was updated from 2.1.x to 2.2.0, [enabling newer kernel support and adding new features](https://github.com/openzfs/zfs/releases/tag/zfs-2.2.0).

+- The iptables firewall module now installs the `nixos-firewall-tool` which allows the user to easily temporarily open ports through the firewall.
+
 - Elixir now defaults to version
  [v1.15](https://elixir-lang.org/blog/2023/06/19/elixir-v1-15-0-released/).

--- a/nixos/modules/services/networking/firewall-iptables.nix
+++ b/nixos/modules/services/networking/firewall-iptables.nix
@ -301,6 +301,7 @@ in
      }
    ];

+    environment.systemPackages = [ pkgs.nixos-firewall-tool ];
    networking.firewall.checkReversePath = mkIf (!kernelHasRPFilter) (mkDefault false);

    systemd.services.firewall = {