forked from auxolotl/docs
7377 lines
134 KiB
HTML
7377 lines
134 KiB
HTML
|
|
||
|
<!doctype html>
|
||
|
<html lang="en" class="no-js">
|
||
|
<head>
|
||
|
|
||
|
<meta charset="utf-8">
|
||
|
<meta name="viewport" content="width=device-width,initial-scale=1">
|
||
|
|
||
|
<meta name="description" content="Aux Documentation">
|
||
|
|
||
|
|
||
|
<meta name="author" content="Nixpkgs Aux, and Lix Contributors">
|
||
|
|
||
|
|
||
|
<link rel="canonical" href="https://docs.auxolotl.org/NixOS/networking/firewall/">
|
||
|
|
||
|
|
||
|
<link rel="prev" href="../dhcpcd/">
|
||
|
|
||
|
|
||
|
<link rel="next" href="../fooOverUDP/">
|
||
|
|
||
|
|
||
|
<link rel="icon" href="../../../assets/aux-logo.svg">
|
||
|
<meta name="generator" content="mkdocs-1.6.0, mkdocs-material-9.5.29">
|
||
|
|
||
|
|
||
|
|
||
|
<title>Firewall - Aux Docs</title>
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="stylesheet" href="../../../assets/stylesheets/main.76a95c52.min.css">
|
||
|
|
||
|
|
||
|
<link rel="stylesheet" href="../../../assets/stylesheets/palette.06af60db.min.css">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
||
|
<link rel="stylesheet" href="https://fonts.bunny.net/css?family=IBM+Plex+Sans:300,300i,400,400i,700,700i%7CIBM+Plex+Mono:400,400i,700,700i&display=fallback">
|
||
|
<style>:root{--md-text-font:"IBM Plex Sans";--md-code-font:"IBM Plex Mono"}</style>
|
||
|
|
||
|
|
||
|
|
||
|
<script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<meta property="og:type" content="website" >
|
||
|
|
||
|
<meta property="og:title" content="Firewall - Aux Docs" >
|
||
|
|
||
|
<meta property="og:description" content="Aux Documentation" >
|
||
|
|
||
|
<meta property="og:image" content="https://docs.auxolotl.org/assets/images/social/NixOS/networking/firewall.png" >
|
||
|
|
||
|
<meta property="og:image:type" content="image/png" >
|
||
|
|
||
|
<meta property="og:image:width" content="1200" >
|
||
|
|
||
|
<meta property="og:image:height" content="630" >
|
||
|
|
||
|
<meta property="og:url" content="https://docs.auxolotl.org/NixOS/networking/firewall/" >
|
||
|
|
||
|
<meta name="twitter:card" content="summary_large_image" >
|
||
|
|
||
|
<meta name="twitter:title" content="Firewall - Aux Docs" >
|
||
|
|
||
|
<meta name="twitter:description" content="Aux Documentation" >
|
||
|
|
||
|
<meta name="twitter:image" content="https://docs.auxolotl.org/assets/images/social/NixOS/networking/firewall.png" >
|
||
|
|
||
|
|
||
|
|
||
|
</head>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="blue">
|
||
|
|
||
|
|
||
|
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
|
||
|
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
||
|
<label class="md-overlay" for="__drawer"></label>
|
||
|
<div data-md-component="skip">
|
||
|
|
||
|
|
||
|
<a href="#networkingfirewallallowping" class="md-skip">
|
||
|
Skip to content
|
||
|
</a>
|
||
|
|
||
|
</div>
|
||
|
<div data-md-component="announce">
|
||
|
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<header class="md-header" data-md-component="header">
|
||
|
<nav class="md-header__inner md-grid" aria-label="Header">
|
||
|
<a href="../../.." title="Aux Docs" class="md-header__button md-logo" aria-label="Aux Docs" data-md-component="logo">
|
||
|
|
||
|
<img src="../../../assets/aux-logo.svg" alt="logo">
|
||
|
|
||
|
</a>
|
||
|
<label class="md-header__button md-icon" for="__drawer">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
|
||
|
</label>
|
||
|
<div class="md-header__title" data-md-component="header-title">
|
||
|
<div class="md-header__ellipsis">
|
||
|
<div class="md-header__topic">
|
||
|
<span class="md-ellipsis">
|
||
|
Aux Docs
|
||
|
</span>
|
||
|
</div>
|
||
|
<div class="md-header__topic" data-md-component="header-topic">
|
||
|
<span class="md-ellipsis">
|
||
|
|
||
|
Firewall
|
||
|
|
||
|
</span>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<form class="md-header__option" data-md-component="palette">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="blue" aria-label="Dark Mode" type="radio" name="__palette" id="__palette_0">
|
||
|
|
||
|
<label class="md-header__button md-icon" title="Dark Mode" for="__palette_1" hidden>
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
|
||
|
</label>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="indigo" data-md-color-accent="blue" aria-label="Light Mode" type="radio" name="__palette" id="__palette_1">
|
||
|
|
||
|
<label class="md-header__button md-icon" title="Light Mode" for="__palette_0" hidden>
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
|
||
|
</label>
|
||
|
|
||
|
|
||
|
</form>
|
||
|
|
||
|
|
||
|
|
||
|
<script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
|
||
|
|
||
|
|
||
|
|
||
|
<label class="md-header__button md-icon" for="__search">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
|
||
|
</label>
|
||
|
<div class="md-search" data-md-component="search" role="dialog">
|
||
|
<label class="md-search__overlay" for="__search"></label>
|
||
|
<div class="md-search__inner" role="search">
|
||
|
<form class="md-search__form" name="search">
|
||
|
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
|
||
|
<label class="md-search__icon md-icon" for="__search">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
|
||
|
</label>
|
||
|
<nav class="md-search__options" aria-label="Search">
|
||
|
|
||
|
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
|
||
|
</button>
|
||
|
</nav>
|
||
|
|
||
|
</form>
|
||
|
<div class="md-search__output">
|
||
|
<div class="md-search__scrollwrap" tabindex="0" data-md-scrollfix>
|
||
|
<div class="md-search-result" data-md-component="search-result">
|
||
|
<div class="md-search-result__meta">
|
||
|
Initializing search
|
||
|
</div>
|
||
|
<ol class="md-search-result__list" role="presentation"></ol>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<div class="md-header__source">
|
||
|
<a href="https://git.auxolotl.org/auxolotl/docs" title="Go to repository" class="md-source" data-md-component="source">
|
||
|
<div class="md-source__icon md-icon">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
|
||
|
</div>
|
||
|
<div class="md-source__repository">
|
||
|
auxolotl/docs
|
||
|
</div>
|
||
|
</a>
|
||
|
</div>
|
||
|
|
||
|
</nav>
|
||
|
|
||
|
</header>
|
||
|
|
||
|
<div class="md-container" data-md-component="container">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
|
||
|
<div class="md-grid">
|
||
|
<ul class="md-tabs__list">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item">
|
||
|
<a href="../../.." class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
Aux Documentation Hub
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item">
|
||
|
<a href="../../../TODO/" class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
TODO
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item">
|
||
|
<a href="../../../Aux/" class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
Aux
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item">
|
||
|
<a href="../../../Lix/" class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
Lix
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item md-tabs__item--active">
|
||
|
<a href="../../appstream/" class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
NixOS
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-tabs__item">
|
||
|
<a href="../../../Nixpkgs/" class="md-tabs__link">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
Nixpkgs
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
</ul>
|
||
|
</div>
|
||
|
</nav>
|
||
|
|
||
|
|
||
|
|
||
|
<main class="md-main" data-md-component="main">
|
||
|
<div class="md-main__inner md-grid">
|
||
|
|
||
|
|
||
|
|
||
|
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
|
||
|
<div class="md-sidebar__scrollwrap">
|
||
|
<div class="md-sidebar__inner">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
|
||
|
<label class="md-nav__title" for="__drawer">
|
||
|
<a href="../../.." title="Aux Docs" class="md-nav__button md-logo" aria-label="Aux Docs" data-md-component="logo">
|
||
|
|
||
|
<img src="../../../assets/aux-logo.svg" alt="logo">
|
||
|
|
||
|
</a>
|
||
|
Aux Docs
|
||
|
</label>
|
||
|
|
||
|
<div class="md-nav__source">
|
||
|
<a href="https://git.auxolotl.org/auxolotl/docs" title="Go to repository" class="md-source" data-md-component="source">
|
||
|
<div class="md-source__icon md-icon">
|
||
|
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
|
||
|
</div>
|
||
|
<div class="md-source__repository">
|
||
|
auxolotl/docs
|
||
|
</div>
|
||
|
</a>
|
||
|
</div>
|
||
|
|
||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../.." class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Aux Documentation Hub
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../../TODO/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
TODO
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../../Aux/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Aux
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../../Lix/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Lix
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" checked>
|
||
|
|
||
|
|
||
|
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
NixOS
|
||
|
</span>
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
</label>
|
||
|
|
||
|
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="true">
|
||
|
<label class="md-nav__title" for="__nav_5">
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
NixOS
|
||
|
</label>
|
||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../appstream/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Appstream
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../console/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Console
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../containers/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Containers
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../documentation/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Documentation
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../dysnomia/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Dysnomia
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../ec2/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Ec2
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../environment/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Environment
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../fileSystems/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
fileSystems
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../fonts/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Fonts
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../gtk/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Gtk
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../hardware/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Hardware
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../i18n/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
I18n
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../image/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Image
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../lib/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Lib
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../location/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Location
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../nix/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nix
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../nixops/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nixops
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../nixpkgs/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nixpkgs
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../oci/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Oci
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../openstack/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Openstack
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../power/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Power
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../powerManagement/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
powerManagement
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../qt/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Qt
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../specialisation/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Specialisation
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../swapDevices/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
swapDevices
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../system/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
System
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../time/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Time
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../xdg/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Xdg
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../../zramSwap/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
zramSwap
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../boot/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Boot
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_31" checked>
|
||
|
|
||
|
|
||
|
|
||
|
<div class="md-nav__link md-nav__container">
|
||
|
<a href="../" class="md-nav__link ">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Networking
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
<label class="md-nav__link " for="__nav_5_31" id="__nav_5_31_label" tabindex="0">
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
</label>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_31_label" aria-expanded="true">
|
||
|
<label class="md-nav__title" for="__nav_5_31">
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
Networking
|
||
|
</label>
|
||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../bonds/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Bonds
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../bridges/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Bridges
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../defaultGateway/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
defaultGateway
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../defaultGateway6/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
defaultGateway6
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../dhcpcd/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Dhcpcd
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--active">
|
||
|
|
||
|
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
|
||
|
|
||
|
|
||
|
|
||
|
<label class="md-nav__link md-nav__link--active" for="__toc">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Firewall
|
||
|
</span>
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
</label>
|
||
|
|
||
|
<a href="./" class="md-nav__link md-nav__link--active">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Firewall
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<label class="md-nav__title" for="__toc">
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
Table of contents
|
||
|
</label>
|
||
|
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowping" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowPing
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowPing">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedtcpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedTCPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedTCPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_1" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedtcpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedTCPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedTCPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_2" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_1" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedudpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedUDPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedUDPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_3" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_2" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedudpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedUDPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedUDPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_4" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_3" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallautoloadconntrackhelpers" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.autoLoadConntrackHelpers
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.autoLoadConntrackHelpers">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_5" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallcheckreversepath" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.checkReversePath
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.checkReversePath">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_6" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_4" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallconnectiontrackingmodules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.connectionTrackingModules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.connectionTrackingModules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_7" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_5" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallenable" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.enable
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.enable">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_8" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextracommands" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraCommands
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraCommands">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_9" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_6" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextraforwardrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraForwardRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraForwardRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_10" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_7" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrainputrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraInputRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraInputRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_11" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_8" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrapackages" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraPackages
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraPackages">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_12" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_9" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrareversepathfilterrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraReversePathFilterRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraReversePathFilterRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_13" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_10" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrastopcommands" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraStopCommands
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraStopCommands">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_14" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_11" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallfilterforward" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.filterForward
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.filterForward">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_15" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfaces" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_16" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedtcpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedTCPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedTCPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_17" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_12" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedtcpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedTCPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedTCPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_18" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_13" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedudpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedUDPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedUDPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_19" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_14" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedudpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedUDPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedUDPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_20" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_15" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedconnections" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedConnections
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedConnections">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_21" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedpackets" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedPackets
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedPackets">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_22" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedunicastsonly" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedUnicastsOnly
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedUnicastsOnly">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_23" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogreversepathdrops" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logReversePathDrops
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logReversePathDrops">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_24" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallpackage" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.package
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.package">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_25" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_16" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallpinglimit" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.pingLimit
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.pingLimit">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_26" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_17" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallrejectpackets" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.rejectPackets
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.rejectPackets">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_27" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalltrustedinterfaces" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.trustedInterfaces
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.trustedInterfaces">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_28" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_18" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../fooOverUDP/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
fooOverUDP
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../greTunnels/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
greTunnels
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../interfaces/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Interfaces
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../iproute2/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Iproute2
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../jool/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Jool
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../macvlans/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Macvlans
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../nat/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nat
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../networkmanager/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Networkmanager
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../nftables/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nftables
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../openconnect/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Openconnect
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../proxy/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Proxy
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../resolvconf/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Resolvconf
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../rxe/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Rxe
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../sits/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Sits
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../stevenblack/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Stevenblack
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../supplicant/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Supplicant
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../tcpcrypt/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Tcpcrypt
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../ucarp/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Ucarp
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../vlans/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Vlans
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../vswitches/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Vswitches
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../wg-quick/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Wg quick
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../wireguard/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Wireguard
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../wireless/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Wireless
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="../wlanInterfaces/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
wlanInterfaces
|
||
|
</span>
|
||
|
|
||
|
|
||
|
</a>
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../programs/_1password-gui/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Programs
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../security/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Security
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../services/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Services
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../systemd/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Systemd
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../users/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Users
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../virtualisation/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Virtualisation
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<li class="md-nav__item md-nav__item--pruned md-nav__item--nested">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="../../../Nixpkgs/" class="md-nav__link">
|
||
|
|
||
|
|
||
|
<span class="md-ellipsis">
|
||
|
Nixpkgs
|
||
|
</span>
|
||
|
|
||
|
|
||
|
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
</li>
|
||
|
|
||
|
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
|
||
|
<div class="md-sidebar__scrollwrap">
|
||
|
<div class="md-sidebar__inner">
|
||
|
|
||
|
|
||
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<label class="md-nav__title" for="__toc">
|
||
|
<span class="md-nav__icon md-icon"></span>
|
||
|
Table of contents
|
||
|
</label>
|
||
|
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowping" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowPing
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowPing">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedtcpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedTCPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedTCPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_1" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedtcpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedTCPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedTCPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_2" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_1" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedudpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedUDPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedUDPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_3" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_2" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallallowedudpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.allowedUDPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.allowedUDPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_4" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_3" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallautoloadconntrackhelpers" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.autoLoadConntrackHelpers
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.autoLoadConntrackHelpers">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_5" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallcheckreversepath" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.checkReversePath
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.checkReversePath">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_6" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_4" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallconnectiontrackingmodules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.connectionTrackingModules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.connectionTrackingModules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_7" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_5" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallenable" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.enable
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.enable">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_8" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextracommands" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraCommands
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraCommands">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_9" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_6" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextraforwardrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraForwardRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraForwardRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_10" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_7" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrainputrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraInputRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraInputRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_11" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_8" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrapackages" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraPackages
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraPackages">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_12" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_9" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrareversepathfilterrules" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraReversePathFilterRules
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraReversePathFilterRules">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_13" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_10" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallextrastopcommands" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.extraStopCommands
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.extraStopCommands">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_14" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_11" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallfilterforward" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.filterForward
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.filterForward">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_15" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfaces" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_16" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedtcpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedTCPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedTCPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_17" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_12" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedtcpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedTCPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedTCPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_18" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_13" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedudpportranges" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedUDPPortRanges
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedUDPPortRanges">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_19" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_14" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallinterfacesnameallowedudpports" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.interfaces.<name>.allowedUDPPorts
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.interfaces.<name>.allowedUDPPorts">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_20" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_15" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedconnections" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedConnections
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedConnections">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_21" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedpackets" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedPackets
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedPackets">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_22" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogrefusedunicastsonly" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logRefusedUnicastsOnly
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logRefusedUnicastsOnly">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_23" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalllogreversepathdrops" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.logReversePathDrops
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.logReversePathDrops">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_24" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallpackage" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.package
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.package">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_25" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_16" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallpinglimit" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.pingLimit
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.pingLimit">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_26" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_17" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewallrejectpackets" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.rejectPackets
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.rejectPackets">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_27" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#networkingfirewalltrustedinterfaces" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
networking.firewall.trustedInterfaces
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
<nav class="md-nav" aria-label="networking.firewall.trustedInterfaces">
|
||
|
<ul class="md-nav__list">
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#default_28" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Default
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
<li class="md-nav__item">
|
||
|
<a href="#example_18" class="md-nav__link">
|
||
|
<span class="md-ellipsis">
|
||
|
Example
|
||
|
</span>
|
||
|
</a>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
</nav>
|
||
|
|
||
|
</li>
|
||
|
|
||
|
</ul>
|
||
|
|
||
|
</nav>
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
|
||
|
<div class="md-content" data-md-component="content">
|
||
|
<article class="md-content__inner md-typeset">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<h1>Firewall</h1>
|
||
|
|
||
|
<h2 id="networkingfirewallallowping" networking-firewall-allowPing="networking-firewall-allowPing"><code>networking.firewall.allowPing</code></h2>
|
||
|
<p>Whether to respond to incoming ICMPv4 echo requests
|
||
|
("pings"). ICMPv6 pings are always allowed because the
|
||
|
larger address space of IPv6 makes network scanning much
|
||
|
less effective.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default" networking-firewall-allowPing-default="networking-firewall-allowPing-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">true</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallallowedtcpportranges" networking-firewall-allowedTCPPortRanges="networking-firewall-allowedTCPPortRanges"><code>networking.firewall.allowedTCPPortRanges</code></h2>
|
||
|
<p>A range of TCP ports on which incoming connections are
|
||
|
accepted.</p>
|
||
|
<p><strong>Type:</strong> <code>list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_1" networking-firewall-allowedTCPPortRanges-default="networking-firewall-allowedTCPPortRanges-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example" networking-firewall-allowedTCPPortRanges-example="networking-firewall-allowedTCPPortRanges-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="p">{</span><span class="ss">from</span> <span class="o">=</span> <span class="mi">8999</span><span class="p">;</span><span class="ss">to</span> <span class="o">=</span> <span class="mi">9003</span><span class="p">;</span><span class="p">}</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallallowedtcpports" networking-firewall-allowedTCPPorts="networking-firewall-allowedTCPPorts"><code>networking.firewall.allowedTCPPorts</code></h2>
|
||
|
<p>List of TCP ports on which incoming connections are
|
||
|
accepted.</p>
|
||
|
<p><strong>Type:</strong> <code>list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_2" networking-firewall-allowedTCPPorts-default="networking-firewall-allowedTCPPorts-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_1" networking-firewall-allowedTCPPorts-example="networking-firewall-allowedTCPPorts-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="mi">22</span><span class="mi">80</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallallowedudpportranges" networking-firewall-allowedUDPPortRanges="networking-firewall-allowedUDPPortRanges"><code>networking.firewall.allowedUDPPortRanges</code></h2>
|
||
|
<p>Range of open UDP ports.</p>
|
||
|
<p><strong>Type:</strong> <code>list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_3" networking-firewall-allowedUDPPortRanges-default="networking-firewall-allowedUDPPortRanges-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_2" networking-firewall-allowedUDPPortRanges-example="networking-firewall-allowedUDPPortRanges-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="p">{</span><span class="ss">from</span> <span class="o">=</span> <span class="mi">60000</span><span class="p">;</span><span class="ss">to</span> <span class="o">=</span> <span class="mi">61000</span><span class="p">;</span><span class="p">}</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallallowedudpports" networking-firewall-allowedUDPPorts="networking-firewall-allowedUDPPorts"><code>networking.firewall.allowedUDPPorts</code></h2>
|
||
|
<p>List of open UDP ports.</p>
|
||
|
<p><strong>Type:</strong> <code>list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_4" networking-firewall-allowedUDPPorts-default="networking-firewall-allowedUDPPorts-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_3" networking-firewall-allowedUDPPorts-example="networking-firewall-allowedUDPPorts-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="mi">53</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallautoloadconntrackhelpers" networking-firewall-autoLoadConntrackHelpers="networking-firewall-autoLoadConntrackHelpers"><code>networking.firewall.autoLoadConntrackHelpers</code></h2>
|
||
|
<p>Whether to auto-load connection-tracking helpers.
|
||
|
See the description at networking.firewall.connectionTrackingModules</p>
|
||
|
<p>(needs kernel 3.5+)</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_5" networking-firewall-autoLoadConntrackHelpers-default="networking-firewall-autoLoadConntrackHelpers-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">false</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallcheckreversepath" networking-firewall-checkReversePath="networking-firewall-checkReversePath"><code>networking.firewall.checkReversePath</code></h2>
|
||
|
<p>Performs a reverse path filter test on a packet. If a reply
|
||
|
to the packet would not be sent via the same interface that
|
||
|
the packet arrived on, it is refused.</p>
|
||
|
<p>If using asymmetric routing or other complicated routing, set
|
||
|
this option to loose mode or disable it and setup your own
|
||
|
counter-measures.</p>
|
||
|
<p>This option can be either true (or "strict"), "loose" (only
|
||
|
drop the packet if the source address is not reachable via any
|
||
|
interface) or false.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean or one of "strict", "loose"</code></p>
|
||
|
<h3 id="default_6" networking-firewall-checkReversePath-default="networking-firewall-checkReversePath-default">Default</h3>
|
||
|
<p><code>true</code> except if the iptables based firewall is in use and the kernel lacks rpfilter support</p>
|
||
|
<h3 id="example_4" networking-firewall-checkReversePath-example="networking-firewall-checkReversePath-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"loose"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallconnectiontrackingmodules" networking-firewall-connectionTrackingModules="networking-firewall-connectionTrackingModules"><code>networking.firewall.connectionTrackingModules</code></h2>
|
||
|
<p>List of connection-tracking helpers that are auto-loaded.
|
||
|
The complete list of possible values is given in the example.</p>
|
||
|
<p>As helpers can pose as a security risk, it is advised to
|
||
|
set this to an empty list and disable the setting
|
||
|
networking.firewall.autoLoadConntrackHelpers unless you
|
||
|
know what you are doing. Connection tracking is disabled
|
||
|
by default.</p>
|
||
|
<p>Loading of helpers is recommended to be done through the
|
||
|
CT target. More info:
|
||
|
https://home.regit.org/netfilter-en/secure-use-of-helpers/</p>
|
||
|
<p><strong>Type:</strong> <code>list of string</code></p>
|
||
|
<h3 id="default_7" networking-firewall-connectionTrackingModules-default="networking-firewall-connectionTrackingModules-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_5" networking-firewall-connectionTrackingModules-example="networking-firewall-connectionTrackingModules-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="s2">"ftp"</span><span class="s2">"irc"</span><span class="s2">"sane"</span><span class="s2">"sip"</span><span class="s2">"tftp"</span><span class="s2">"amanda"</span><span class="s2">"h323"</span><span class="s2">"netbios_sn"</span><span class="s2">"pptp"</span><span class="s2">"snmp"</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallenable" networking-firewall-enable="networking-firewall-enable"><code>networking.firewall.enable</code></h2>
|
||
|
<p>Whether to enable the firewall. This is a simple stateful
|
||
|
firewall that blocks connection attempts to unauthorised TCP
|
||
|
or UDP ports on this machine.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_8" networking-firewall-enable-default="networking-firewall-enable-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">true</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallextracommands" networking-firewall-extraCommands="networking-firewall-extraCommands"><code>networking.firewall.extraCommands</code></h2>
|
||
|
<p>Additional shell commands executed as part of the firewall
|
||
|
initialisation script. These are executed just before the
|
||
|
final "reject" firewall rule is added, so they can be used
|
||
|
to allow packets that would otherwise be refused.</p>
|
||
|
<p>This option only works with the iptables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>strings concatenated with "\n"</code></p>
|
||
|
<h3 id="default_9" networking-firewall-extraCommands-default="networking-firewall-extraCommands-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="s2">""</span></code></p>
|
||
|
<h3 id="example_6" networking-firewall-extraCommands-example="networking-firewall-extraCommands-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"iptables -A INPUT -p icmp -j ACCEPT"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-iptables.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-iptables.nix</a></p>
|
||
|
<h2 id="networkingfirewallextraforwardrules" networking-firewall-extraForwardRules="networking-firewall-extraForwardRules"><code>networking.firewall.extraForwardRules</code></h2>
|
||
|
<p>Additional nftables rules to be appended to the forward-allow
|
||
|
chain.</p>
|
||
|
<p>This option only works with the nftables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>strings concatenated with "\n"</code></p>
|
||
|
<h3 id="default_10" networking-firewall-extraForwardRules-default="networking-firewall-extraForwardRules-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="s2">""</span></code></p>
|
||
|
<h3 id="example_7" networking-firewall-extraForwardRules-example="networking-firewall-extraForwardRules-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"iifname wg0 accept"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix</a></p>
|
||
|
<h2 id="networkingfirewallextrainputrules" networking-firewall-extraInputRules="networking-firewall-extraInputRules"><code>networking.firewall.extraInputRules</code></h2>
|
||
|
<p>Additional nftables rules to be appended to the input-allow
|
||
|
chain.</p>
|
||
|
<p>This option only works with the nftables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>strings concatenated with "\n"</code></p>
|
||
|
<h3 id="default_11" networking-firewall-extraInputRules-default="networking-firewall-extraInputRules-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="s2">""</span></code></p>
|
||
|
<h3 id="example_8" networking-firewall-extraInputRules-example="networking-firewall-extraInputRules-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"ip6 saddr { fc00::/7, fe80::/10 } tcp dport 24800 accept"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix</a></p>
|
||
|
<h2 id="networkingfirewallextrapackages" networking-firewall-extraPackages="networking-firewall-extraPackages"><code>networking.firewall.extraPackages</code></h2>
|
||
|
<p>Additional packages to be included in the environment of the system
|
||
|
as well as the path of networking.firewall.extraCommands.</p>
|
||
|
<p><strong>Type:</strong> <code>list of package</code></p>
|
||
|
<h3 id="default_12" networking-firewall-extraPackages-default="networking-firewall-extraPackages-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_9" networking-firewall-extraPackages-example="networking-firewall-extraPackages-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> pkgs<span class="o">.</span>ipset <span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallextrareversepathfilterrules" networking-firewall-extraReversePathFilterRules="networking-firewall-extraReversePathFilterRules"><code>networking.firewall.extraReversePathFilterRules</code></h2>
|
||
|
<p>Additional nftables rules to be appended to the rpfilter-allow
|
||
|
chain.</p>
|
||
|
<p>This option only works with the nftables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>strings concatenated with "\n"</code></p>
|
||
|
<h3 id="default_13" networking-firewall-extraReversePathFilterRules-default="networking-firewall-extraReversePathFilterRules-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="s2">""</span></code></p>
|
||
|
<h3 id="example_10" networking-firewall-extraReversePathFilterRules-example="networking-firewall-extraReversePathFilterRules-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"fib daddr . mark . iif type local accept"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-nftables.nix</a></p>
|
||
|
<h2 id="networkingfirewallextrastopcommands" networking-firewall-extraStopCommands="networking-firewall-extraStopCommands"><code>networking.firewall.extraStopCommands</code></h2>
|
||
|
<p>Additional shell commands executed as part of the firewall
|
||
|
shutdown script. These are executed just after the removal
|
||
|
of the NixOS input rule, or if the service enters a failed
|
||
|
state.</p>
|
||
|
<p>This option only works with the iptables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>strings concatenated with "\n"</code></p>
|
||
|
<h3 id="default_14" networking-firewall-extraStopCommands-default="networking-firewall-extraStopCommands-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="s2">""</span></code></p>
|
||
|
<h3 id="example_11" networking-firewall-extraStopCommands-example="networking-firewall-extraStopCommands-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"iptables -P INPUT ACCEPT"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-iptables.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall-iptables.nix</a></p>
|
||
|
<h2 id="networkingfirewallfilterforward" networking-firewall-filterForward="networking-firewall-filterForward"><code>networking.firewall.filterForward</code></h2>
|
||
|
<p>Enable filtering in IP forwarding.</p>
|
||
|
<p>This option only works with the nftables based firewall.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_15" networking-firewall-filterForward-default="networking-firewall-filterForward-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">false</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallinterfaces" networking-firewall-interfaces="networking-firewall-interfaces"><code>networking.firewall.interfaces</code></h2>
|
||
|
<p>Interface-specific open ports.</p>
|
||
|
<p><strong>Type:</strong> <code>attribute set of (submodule)</code></p>
|
||
|
<h3 id="default_16" networking-firewall-interfaces-default="networking-firewall-interfaces-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">{</span> <span class="p">}</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallinterfacesnameallowedtcpportranges" networking-firewall-interfaces-_wzxhzdk:64_-allowedTCPPortRanges="networking-firewall-interfaces-<name>-allowedTCPPortRanges"><code>networking.firewall.interfaces.<name>.allowedTCPPortRanges</code></h2>
|
||
|
<p>A range of TCP ports on which incoming connections are
|
||
|
accepted.</p>
|
||
|
<p><strong>Type:</strong> <code>list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_17" networking-firewall-interfaces-_wzxhzdk:66_-allowedTCPPortRanges-default="networking-firewall-interfaces-<name>-allowedTCPPortRanges-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_12" networking-firewall-interfaces-_wzxhzdk:68_-allowedTCPPortRanges-example="networking-firewall-interfaces-<name>-allowedTCPPortRanges-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="p">{</span><span class="ss">from</span> <span class="o">=</span> <span class="mi">8999</span><span class="p">;</span><span class="ss">to</span> <span class="o">=</span> <span class="mi">9003</span><span class="p">;</span><span class="p">}</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallinterfacesnameallowedtcpports" networking-firewall-interfaces-_wzxhzdk:71_-allowedTCPPorts="networking-firewall-interfaces-<name>-allowedTCPPorts"><code>networking.firewall.interfaces.<name>.allowedTCPPorts</code></h2>
|
||
|
<p>List of TCP ports on which incoming connections are
|
||
|
accepted.</p>
|
||
|
<p><strong>Type:</strong> <code>list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_18" networking-firewall-interfaces-_wzxhzdk:73_-allowedTCPPorts-default="networking-firewall-interfaces-<name>-allowedTCPPorts-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_13" networking-firewall-interfaces-_wzxhzdk:75_-allowedTCPPorts-example="networking-firewall-interfaces-<name>-allowedTCPPorts-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="mi">22</span><span class="mi">80</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallinterfacesnameallowedudpportranges" networking-firewall-interfaces-_wzxhzdk:78_-allowedUDPPortRanges="networking-firewall-interfaces-<name>-allowedUDPPortRanges"><code>networking.firewall.interfaces.<name>.allowedUDPPortRanges</code></h2>
|
||
|
<p>Range of open UDP ports.</p>
|
||
|
<p><strong>Type:</strong> <code>list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_19" networking-firewall-interfaces-_wzxhzdk:80_-allowedUDPPortRanges-default="networking-firewall-interfaces-<name>-allowedUDPPortRanges-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_14" networking-firewall-interfaces-_wzxhzdk:82_-allowedUDPPortRanges-example="networking-firewall-interfaces-<name>-allowedUDPPortRanges-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="p">{</span><span class="ss">from</span> <span class="o">=</span> <span class="mi">60000</span><span class="p">;</span><span class="ss">to</span> <span class="o">=</span> <span class="mi">61000</span><span class="p">;</span><span class="p">}</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallinterfacesnameallowedudpports" networking-firewall-interfaces-_wzxhzdk:85_-allowedUDPPorts="networking-firewall-interfaces-<name>-allowedUDPPorts"><code>networking.firewall.interfaces.<name>.allowedUDPPorts</code></h2>
|
||
|
<p>List of open UDP ports.</p>
|
||
|
<p><strong>Type:</strong> <code>list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)</code></p>
|
||
|
<h3 id="default_20" networking-firewall-interfaces-_wzxhzdk:87_-allowedUDPPorts-default="networking-firewall-interfaces-<name>-allowedUDPPorts-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_15" networking-firewall-interfaces-_wzxhzdk:89_-allowedUDPPorts-example="networking-firewall-interfaces-<name>-allowedUDPPorts-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="mi">53</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewalllogrefusedconnections" networking-firewall-logRefusedConnections="networking-firewall-logRefusedConnections"><code>networking.firewall.logRefusedConnections</code></h2>
|
||
|
<p>Whether to log rejected or dropped incoming connections.
|
||
|
Note: The logs are found in the kernel logs, i.e. dmesg
|
||
|
or journalctl -k.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_21" networking-firewall-logRefusedConnections-default="networking-firewall-logRefusedConnections-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">true</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewalllogrefusedpackets" networking-firewall-logRefusedPackets="networking-firewall-logRefusedPackets"><code>networking.firewall.logRefusedPackets</code></h2>
|
||
|
<p>Whether to log all rejected or dropped incoming packets.
|
||
|
This tends to give a lot of log messages, so it's mostly
|
||
|
useful for debugging.
|
||
|
Note: The logs are found in the kernel logs, i.e. dmesg
|
||
|
or journalctl -k.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_22" networking-firewall-logRefusedPackets-default="networking-firewall-logRefusedPackets-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">false</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewalllogrefusedunicastsonly" networking-firewall-logRefusedUnicastsOnly="networking-firewall-logRefusedUnicastsOnly"><code>networking.firewall.logRefusedUnicastsOnly</code></h2>
|
||
|
<p>If {option}<code>networking.firewall.logRefusedPackets</code>
|
||
|
and this option are enabled, then only log packets
|
||
|
specifically directed at this machine, i.e., not broadcasts
|
||
|
or multicasts.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_23" networking-firewall-logRefusedUnicastsOnly-default="networking-firewall-logRefusedUnicastsOnly-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">true</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewalllogreversepathdrops" networking-firewall-logReversePathDrops="networking-firewall-logReversePathDrops"><code>networking.firewall.logReversePathDrops</code></h2>
|
||
|
<p>Logs dropped packets failing the reverse path filter test if
|
||
|
the option networking.firewall.checkReversePath is enabled.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_24" networking-firewall-logReversePathDrops-default="networking-firewall-logReversePathDrops-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">false</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallpackage" networking-firewall-package="networking-firewall-package"><code>networking.firewall.package</code></h2>
|
||
|
<p>The package to use for running the firewall service.</p>
|
||
|
<p><strong>Type:</strong> <code>package</code></p>
|
||
|
<h3 id="default_25" networking-firewall-package-default="networking-firewall-package-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="k">if</span> config<span class="o">.</span>networking<span class="o">.</span>nftables<span class="o">.</span>enable <span class="k">then</span> <span class="s2">"pkgs.nftables"</span> <span class="k">else</span> <span class="s2">"pkgs.iptables"</span></code></p>
|
||
|
<h3 id="example_16" networking-firewall-package-example="networking-firewall-package-example">Example</h3>
|
||
|
<p><code class="highlight">pkgs<span class="o">.</span>iptables-legacy</code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallpinglimit" networking-firewall-pingLimit="networking-firewall-pingLimit"><code>networking.firewall.pingLimit</code></h2>
|
||
|
<p>If pings are allowed, this allows setting rate limits on them.</p>
|
||
|
<p>For the iptables based firewall, it should be set like
|
||
|
"--limit 1/minute --limit-burst 5".</p>
|
||
|
<p>For the nftables based firewall, it should be set like
|
||
|
"2/second" or "1/minute burst 5 packets".</p>
|
||
|
<p><strong>Type:</strong> <code>null or strings concatenated with " "</code></p>
|
||
|
<h3 id="default_26" networking-firewall-pingLimit-default="networking-firewall-pingLimit-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">null</span></code></p>
|
||
|
<h3 id="example_17" networking-firewall-pingLimit-example="networking-firewall-pingLimit-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="s2">"--limit 1/minute --limit-burst 5"</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewallrejectpackets" networking-firewall-rejectPackets="networking-firewall-rejectPackets"><code>networking.firewall.rejectPackets</code></h2>
|
||
|
<p>If set, refused packets are rejected rather than dropped
|
||
|
(ignored). This means that an ICMP "port unreachable" error
|
||
|
message is sent back to the client (or a TCP RST packet in
|
||
|
case of an existing connection). Rejecting packets makes
|
||
|
port scanning somewhat easier.</p>
|
||
|
<p><strong>Type:</strong> <code>boolean</code></p>
|
||
|
<h3 id="default_27" networking-firewall-rejectPackets-default="networking-firewall-rejectPackets-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="no">false</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
<h2 id="networkingfirewalltrustedinterfaces" networking-firewall-trustedInterfaces="networking-firewall-trustedInterfaces"><code>networking.firewall.trustedInterfaces</code></h2>
|
||
|
<p>Traffic coming in from these interfaces will be accepted
|
||
|
unconditionally. Traffic from the loopback (lo) interface
|
||
|
will always be accepted.</p>
|
||
|
<p><strong>Type:</strong> <code>list of string</code></p>
|
||
|
<h3 id="default_28" networking-firewall-trustedInterfaces-default="networking-firewall-trustedInterfaces-default">Default</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span> <span class="p">]</span></code></p>
|
||
|
<h3 id="example_18" networking-firewall-trustedInterfaces-example="networking-firewall-trustedInterfaces-example">Example</h3>
|
||
|
<p><code class="highlight"><span class="p">[</span><span class="s2">"enp0s2"</span><span class="p">]</span></code></p>
|
||
|
<p><strong>Declared by:</strong> <a href="https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix">https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/firewall.nix</a></p>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
</article>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
|
||
|
</div>
|
||
|
|
||
|
</main>
|
||
|
|
||
|
<footer class="md-footer">
|
||
|
|
||
|
<div class="md-footer-meta md-typeset">
|
||
|
<div class="md-footer-meta__inner md-grid">
|
||
|
<div class="md-copyright">
|
||
|
|
||
|
<div class="md-copyright__highlight">
|
||
|
Licenced MIT
|
||
|
</div>
|
||
|
|
||
|
|
||
|
Made with
|
||
|
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
|
||
|
Material for MkDocs
|
||
|
</a>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
<div class="md-social">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="https://git.auxolotl.org/auxolotl/docs" target="_blank" rel="noopener" title="Aux Docs Repo" class="md-social__link">
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M16.777 0a2.9 2.9 0 1 1-2.529 4.322H12.91a4.266 4.266 0 0 0-4.265 4.195v2.118a7.076 7.076 0 0 1 4.147-1.42l.118-.002h1.338a2.9 2.9 0 0 1 5.43 1.422 2.9 2.9 0 0 1-5.43 1.422H12.91a4.266 4.266 0 0 0-4.265 4.195v2.319A2.9 2.9 0 0 1 7.222 24 2.9 2.9 0 0 1 5.8 18.57V8.589a7.109 7.109 0 0 1 6.991-7.108l.118-.001h1.338A2.9 2.9 0 0 1 16.778 0ZM7.223 19.905a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Zm9.554-10.464a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.39Zm0-7.735a1.194 1.194 0 1 0 0 2.389 1.194 1.194 0 0 0 0-2.389Z"/></svg>
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="https://forum.aux.computer/" target="_blank" rel="noopener" title="Aux Forum" class="md-social__link">
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12.103 0C18.666 0 24 5.485 24 11.997c0 6.51-5.33 11.99-11.9 11.99L0 24V11.79C0 5.28 5.532 0 12.103 0zm.116 4.563a7.395 7.395 0 0 0-6.337 3.57 7.247 7.247 0 0 0-.148 7.22L4.4 19.61l4.794-1.074a7.424 7.424 0 0 0 8.136-1.39 7.256 7.256 0 0 0 1.737-7.997 7.375 7.375 0 0 0-6.84-4.585h-.008z"/></svg>
|
||
|
</a>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<a href="https://wiki.auxolotl.org/" target="_blank" rel="noopener" title="Aux Wiki" class="md-social__link">
|
||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M17.801 13.557c.148.098.288.202.417.313 1.854 1.6 3.127 4.656 2.582 7.311-1.091-.255-5.747-1.055-7.638-3.383-.91-1.12-1.366-2.081-1.569-2.885a5.65 5.65 0 0 0 .034-.219c.089.198.197.35.313.466.24.24.521.335.766.372.304.046.594-.006.806-.068l.001.001c.05-.015.433-.116.86-.342.325-.173 2.008-.931 3.428-1.566Zm-7.384 1.435C9.156 16.597 6.6 18.939.614 18.417c.219-1.492 1.31-3.019 2.51-4.11.379-.345.906-.692 1.506-1.009.286.168.598.332.939.486 2.689 1.221 3.903 1.001 4.89.573a1.3 1.3 0 0 0 .054-.025 6.156 6.156 0 0 0-.096.66Zm4.152-.462c.38-.341.877-.916 1.383-1.559-.389-.15-.866-.371-1.319-.591-.598-.29-1.305-.283-2.073-.315a4.685 4.685 0 0 1-.804-.103c.014-.123.027-.246.038-.369.062.104.673.057.871.057.354 0 1.621.034 3.074-.574 1.452-.608 2.55-1.706 3.022-3.225.474-1.52.22-3.091-.168-3.952-.169.709-1.453 2.381-1.926 2.871-.473.489-2.381 2.296-2.972 2.921-.7.74-.688.793-1.332 1.302-.202.19-.499.402-.563.53.027-.338.039-.675.027-.997a7.653 7.653 0 0 0-.032-.523c.322-.059.567-.522.567-.861 0-.224-.106-.247-.271-.229.075-.894.382-3.923 1.254-4.281.218.109.831.068.649-.295-.182-.364-.825-.074-1.081.266-.28.374-.956 2.046-.92 4.324-.113.014-.174.033-.322.033-.171 0-.321-.04-.433-.05.034-2.275-.714-3.772-.84-4.169-.12-.375-.491-.596-.781-.596-.146 0-.272.056-.333.179-.182.363.459.417.677.308.706.321 1.156 3.519 1.254 4.277-.125-.006-.199.035-.199.233 0 .311.17.756.452.843a.442.442 0 0 0-.007.03s-.287.99-.413 2.189a4.665 4.665 0 0 1-.718-.225c-.714-.286-1.355-.583-2.019-.566-.664.018-1.366.023-1.804-.036-.438-.058-.649-.15-.649-.15s-.234.365.257 1.075c.42.607 1.055 1.047 1.644 1.18.589.134 1.972.18 2.785-.377.16-.109.317-.228.459-.34a8.717 8.717 0 0 0-.013.626c-.289.753-.571 1.993-.268 3.338 0-.001.701-.842.787-2.958.006-.144.009-.271.01-.383.052-.248.103-.518.148-.799.072.135.151.277.234.413.511.842 1.791 1.37 2.383 1.49.091.019.187.032.285.038Zm-1.12.745c-.188.055-.445.1-.713.059-.21-.031-.45-.11-.655-.316-.169-.168-.312-.419-.401-.789a9.837 9.837 0 0 0 .039-.82l.049-.243c.563.855 1.865 1.398 2.476 1.522.036.008.072.014.109.02l-.013.009c-.579.415-.76.503-.891.558Zm6.333-2.818c-.257.114-4.111 1.822-5.246 2.363.98-.775 3.017-3.59 3.699-4.774 1.062.661 1.468 1.109 1.623 1.441.101.217.09.38.096.515a.57.57 0 0 1-.172.455Zm-9.213 1.62a1.606 1.606 0 0 1-.19.096c-.954.414-2.126.61-4.728-.571-2.023-.918-3.024-2.157-3.371-2.666.476.161 1.471.473 2.157.524.282.021.703.068 1.167.125.021.209.109.486.345.829l.001.001c.451.651 1.134 1.119 1.765 1.262.622.141 2.083.182 2.942-.407a3.12 3.12 0 0 0 .132-.093l.001.179a6.052 6.052 0 0 0-.221.721Zm5.512-1.271a17.49 17.49 0 0 1-1.326-.589c.437.042 1.054.083 1.692.108-.121.162-.244.323-.366.481Zm.932-1.26c-.12.17-.245.343-.373.517-.241.018-.478.03-.709.038a29.05 29.05 0 0 1-.741-.048c.608-.065 1.228-.252 1.823-.507Zm.22-.315c-.809.382-1.679.648-2.507.648-.472 0-.833.018-1.139.039v.001c-.324-.031-.665-.039-1.019-.054a3.555 3.555 0 0 1-.152-.009c.102-.002.192-.006.249-.006.363 0 1.662.034 3.151-.589 1.508-.632 2.645-1.773 3.136-3.351.37-1.186.31-2.402.086-3.312.458-.336.86-.651 1.147-.91.501-.451.743-.733.848-.869.199.206.714.864.685 2.138-.036 1.611-.606 3.187-1.501 4.154a9.099 9.099 0 0 1-1.321 1.132 11.978 11.978 0 0 0-.644-.422l-.089-.055-.051.091c-.184.332-.5.825-.879 1.374ZM4.763 5.817c-.157 1.144.113 2.323.652 3.099.539.776 2.088 2.29 3.614 2.505.991.14 2.055.134 2.055.134s-.593-.576-1.114-1.66c-.521-1.085-.948-2.104-1.734-2.786-.785-.681-1.601-1.416-2.045-1.945-.444-.53-.59-.86-.59-.86s-.656.175-.838 1.513Zm14.301 4.549a9.162 9.162 0 0 0 1.3-1.12c.326-.352.611-.782.845-1.265 1.315.145 2.399.371 2.791.434 0 0-.679 1.971-3.945 3.022l-.016-.035c-.121-.26-.385-.594-.975-1.036Zm-11.634.859a8.537 8.537 0 0 1-.598-.224c-1.657-.693-2.91-1.944-3.449-3.678-.498-1.601-.292-3.251.091-4.269.225.544.758 1.34 1.262 2.01a3.58 3.58 0 0 0-.172.726c-.163 1.197.123 2.428.687 3.24.416.599 1.417 1.62 2.555 2.193-.128.002-.253.003-.376.002Zm-1.758-.077c-.958-.341-1.901-.787-2.697-1.368C-.07 7.559 0 6.827 0 6.827s1.558-.005 3.088.179c.03.126.065.
|
||
|
</a>
|
||
|
|
||
|
</div>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
</footer>
|
||
|
|
||
|
</div>
|
||
|
<div class="md-dialog" data-md-component="dialog">
|
||
|
<div class="md-dialog__inner md-typeset"></div>
|
||
|
</div>
|
||
|
|
||
|
|
||
|
<script id="__config" type="application/json">{"base": "../../..", "features": ["content.tooltips", "search.highlight", "navigation.tabs", "navigation.indexes", "navigation.prune"], "search": "../../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
|
||
|
|
||
|
|
||
|
<script src="../../../assets/javascripts/bundle.fe8b6f2b.min.js"></script>
|
||
|
|
||
|
|
||
|
</body>
|
||
|
</html>
|