diff options
| author | Bernardo Meurer <bernardo@meurer.org> | 2021-08-31 01:21:07 -0700 |
|---|---|---|
| committer | Bernardo Meurer <bernardo@meurer.org> | 2021-08-31 01:21:07 -0700 |
| commit | 9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b (patch) | |
| tree | b4d9d661b39f9a3f205fbc76ff0d0026fd18851c | |
| parent | edddb705e8c735eb868d2e95663ae9a633b2f8d3 (diff) | |
| download | nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar.gz nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar.bz2 nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar.lz nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar.xz nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.tar.zst nixpkgs-9e7af8a13c5fce9d35e2d5b11dbd5f30a879148b.zip | |
nixos/roon-bridge: fix openFirewall
| -rw-r--r-- | nixos/modules/services/audio/roon-bridge.nix | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/nixos/modules/services/audio/roon-bridge.nix b/nixos/modules/services/audio/roon-bridge.nix index 85273a2039c..e08f8a4f9e7 100644 --- a/nixos/modules/services/audio/roon-bridge.nix +++ b/nixos/modules/services/audio/roon-bridge.nix @@ -14,9 +14,6 @@ in { default = false; description = '' Open ports in the firewall for the bridge. - - UDP: 9003 - TCP: 9100 - 9200 ''; }; user = mkOption { @@ -54,10 +51,15 @@ in { }; networking.firewall = mkIf cfg.openFirewall { - allowedTCPPortRanges = [ - { from = 9100; to = 9200; } - ]; + allowedTCPPortRanges = [{ from = 9100; to = 9200; }]; allowedUDPPorts = [ 9003 ]; + extraCommands = '' + iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT + iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT + iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT + iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT + iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT + ''; }; |