TakeV/guix
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
guix/gnu
History
Tomas Volf 82f9e5ac97
services: nftables: Tighten the default rules. 
Packets for local host IP ranges should be coming only over lo.  If that is
not the case, we should drop them.  Use iif for the check instead of iifname,
lo is guaranteed to exists, and iif is faster.

* gnu/services/networking.scm (%default-nftables-ruleset): Tighten the rules.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-10-20 00:33:26 +02:00
..
bootloader
build linux-modules: Fix module dependency loading. 2023-10-15 02:00:00 +02:00
home
installer
machine
packages gnu: unison: Update to 2.53.3. 2023-10-20 00:33:26 +02:00
services services: nftables: Tighten the default rules. 2023-10-20 00:33:26 +02:00
system system: Modify bash skeleton to colorize 'ip' output. 2023-10-06 11:52:13 +02:00
tests services: static-networking: Add support for bonding. 2023-10-11 18:51:07 +02:00
artwork.scm
bootloader.scm
ci.scm
compression.scm
home.scm
image.scm
installer.scm
local.mk gnu: unison: Update to 2.53.3. 2023-10-20 00:33:26 +02:00
machine.scm
packages.scm
services.scm
system.scm
tests.scm