diff options
author | Bernardo Meurer <bernardo@meurer.org> | 2022-09-06 14:05:20 -0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-06 14:05:20 -0300 |
commit | 0627237785eba8539342129f7b20e616fc7d5a11 (patch) | |
tree | 5c1b4fae7cc217db442a938ea3e9f184992e0f2e | |
parent | 33f0612a2d942f3d87c1b304f81ef6268bb0274a (diff) | |
parent | 7689468a4ba2bfbaeaaf30c29bd19c9607a1dd99 (diff) | |
download | nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar.gz nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar.bz2 nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar.lz nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar.xz nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.tar.zst nixpkgs-0627237785eba8539342129f7b20e616fc7d5a11.zip |
Merge pull request #181334 from zhaofengli/nat-iptables-pkg
nixos/nat: Use the package specified in networking.firewall.package
-rw-r--r-- | nixos/modules/services/networking/nat.nix | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/nixos/modules/services/networking/nat.nix b/nixos/modules/services/networking/nat.nix index 0eb9b158e68..0b70ae47ccf 100644 --- a/nixos/modules/services/networking/nat.nix +++ b/nixos/modules/services/networking/nat.nix @@ -319,7 +319,10 @@ in } ]; - environment.systemPackages = [ pkgs.iptables ]; + # Use the same iptables package as in config.networking.firewall. + # When the firewall is enabled, this should be deduplicated without any + # error. + environment.systemPackages = [ config.networking.firewall.package ]; boot = { kernelModules = [ "nf_nat_ftp" ]; @@ -347,7 +350,7 @@ in description = "Network Address Translation"; wantedBy = [ "network.target" ]; after = [ "network-pre.target" "systemd-modules-load.service" ]; - path = [ pkgs.iptables ]; + path = [ config.networking.firewall.package ]; unitConfig.ConditionCapability = "CAP_NET_ADMIN"; serviceConfig = { |