diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-26 12:16:35 +0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-26 22:45:39 +0200 |
| commit | f64589b2ef750fc43c989dc35fbf196bfdafa4ea (patch) | |
| tree | a8856259692214721e8d070b865e61aa3351b932 /nixos/modules/services/networking/firewall.nix | |
| parent | 43f331a8740a5a45184ff05caaaeb0c34ba67fe9 (diff) | |
| download | nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.gz nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.bz2 nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.lz nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.xz nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.zst nixpkgs-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.zip | |
firewall: Don't depend on ipset
NixOS doesn't use it, so no reason to include it.
Diffstat (limited to 'nixos/modules/services/networking/firewall.nix')
| -rw-r--r-- | nixos/modules/services/networking/firewall.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index 40681f5b957..21f8ae243a7 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -443,7 +443,7 @@ in networking.firewall.trustedInterfaces = [ "lo" ]; - environment.systemPackages = [ pkgs.iptables pkgs.ipset ]; + environment.systemPackages = [ pkgs.iptables ]; boot.kernelModules = map (x: "nf_conntrack_${x}") cfg.connectionTrackingModules; boot.extraModprobeConfig = optionalString (!cfg.autoLoadConntrackHelpers) '' @@ -462,7 +462,7 @@ in before = [ "network-pre.target" ]; after = [ "systemd-modules-load.service" ]; - path = [ pkgs.iptables pkgs.ipset ]; + path = [ pkgs.iptables ]; # FIXME: this module may also try to load kernel modules, but # containers don't have CAP_SYS_MODULE. So the host system had |