zzkt/guix
1
0
Fork 0
Code Issues Pull requests Actions Projects Activity

Put in earplugs

Browse source
This commit is contained in:
nik gaffney 2024-01-23 20:36:25 +01:00
parent 5490a8950b
commit 26bafa406a
Signed by: nik
GPG key ID: 989F5E6EDB478160
2 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
config/framework13-system.org
View file

@ -229,6 +229,8 @@ use dovecot for local IMAP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT -A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT -A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT -A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT
@ -247,8 +249,8 @@ COMMIT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT -A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT -A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT -A INPUT -p udp -m udp -s fd24:609a:6c18::/64 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT -A INPUT -p udp -m udp -s fd24:609a:6c18::/64 --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-port-unreachable -A INPUT -j REJECT --reject-with icmp6-port-unreachable

8
config/framework13-system.scm
View file

@ -1,6 +1,6 @@
;; -*- mode: scheme; coding: utf-8; -*- ;; -*- mode: scheme; coding: utf-8; -*-
;; ;;
;; tangled from framework13-system.org on 2024-01-23 17:38:17+01:00) ;; tangled from framework13-system.org on 2024-01-23 20:36:10+01:00)
(use-modules (gnu) (use-modules (gnu)
(gnu packages) (gnu packages)
@ -133,6 +133,8 @@
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT -A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT -A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT -A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT
@ -151,8 +153,8 @@ COMMIT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT -A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT -A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 137 -j ACCEPT -A INPUT -p udp -m udp -s fd24:609a:6c18::/64 --dport 137 -j ACCEPT
-A INPUT -p udp -m udp -s 192.168.0.0/16 --dport 138 -j ACCEPT -A INPUT -p udp -m udp -s fd24:609a:6c18::/64 --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-port-unreachable -A INPUT -j REJECT --reject-with icmp6-port-unreachable