diff options
| author | William A. Kennington III <william@wkennington.com> | 2014-09-15 21:29:46 -0700 |
|---|---|---|
| committer | William A. Kennington III <william@wkennington.com> | 2014-09-15 21:31:26 -0700 |
| commit | 6a43d512918e6449cb55fd10cdf7baf634e0ed87 (patch) | |
| tree | 6ee3ef1f8247e6fe7fbbb3b932b11ee8eb050bc0 /nixos/modules/services/networking/firewall.nix | |
| parent | 43c2bc0f8c0f50eca0b0e47820ee503c14b4b152 (diff) | |
| download | nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar.gz nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar.bz2 nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar.lz nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar.xz nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.tar.zst nixpkgs-6a43d512918e6449cb55fd10cdf7baf634e0ed87.zip | |
nixos/firewall: Support extraStopCommands
Diffstat (limited to 'nixos/modules/services/networking/firewall.nix')
| -rw-r--r-- | nixos/modules/services/networking/firewall.nix | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index b97ec8b4d43..eaf48b9c6e5 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -240,6 +240,18 @@ in ''; }; + networking.firewall.extraStopCommands = mkOption { + type = types.lines; + default = ""; + example = "iptables -P INPUT ACCEPT"; + description = + '' + Additional shell commands executed as part of the firewall + shutdown script. These are executed just after the removal + of the nixos input rule. + ''; + }; + }; @@ -432,6 +444,7 @@ in '' ${helpers} ip46tables -D INPUT -j nixos-fw || true + ${cfg.extraStopCommands} ''; }; |