author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-11-07 12:00:57 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-07 12:00:57 +0000 |
commit | bed56440cbc230c9858b0aee045ac5ae9a8ff2c7 (patch) | |
tree | 8249a7e712815f4dc707c05a56daa472e181e722 /pkgs/by-name | |
parent | 7eb07191a5fa3207605d78777b95dd70f237fa71 (diff) | |
parent | 11e04c904399271e608ecc68c0405ad70ce622a7 (diff) | |
Merge master into staging-next
Diffstat (limited to 'pkgs/by-name')
-rwxr-xr-x | pkgs/by-name/ni/nixos-firewall-tool/nixos-firewall-tool.sh | 55 | ||||
-rw-r--r-- | pkgs/by-name/ni/nixos-firewall-tool/package.nix | 15 |
2 files changed, 70 insertions, 0 deletions
diff --git a/pkgs/by-name/ni/nixos-firewall-tool/nixos-firewall-tool.sh b/pkgs/by-name/ni/nixos-firewall-tool/nixos-firewall-tool.sh
new file mode 100755
index 00000000000..17e7ce8a724
--- /dev/null
+++ b/pkgs/by-name/ni/nixos-firewall-tool/nixos-firewall-tool.sh
@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+ip46tables() {
+ iptables -w "$@"
+ ip6tables -w "$@"
+
+}
+
+show_help() {
+ echo "nixos-firewall-tool"
+ echo ""
+ echo "Can temporarily manipulate the NixOS firewall"
+ echo ""
+ echo "Open TCP port:"
+ echo " nixos-firewall-tool open tcp 8888"
+ echo ""
+ echo "Show all firewall rules:"
+ echo " nixos-firewall-tool show"
+ echo ""
+ echo "Open UDP port:"
+ echo " nixos-firewall-tool open udp 51820"
+ echo ""
+ echo "Reset firewall configuration to system settings:"
+ echo " nixos-firewall-tool reset"
+}
+
+if [[ -z ${1+x} ]]; then
+ show_help
+ exit 1
+fi
+
+case $1 in
+ "open")
+ protocol="$2"
+ port="$3"
+
+ ip46tables -I nixos-fw -p "$protocol" --dport "$port" -j nixos-fw-accept
+ ;;
+ "show")
+ ip46tables --numeric --list nixos-fw
+ ;;
+ "reset")
+ systemctl restart firewall.service
+ ;;
+ -h|--help|help)
+ show_help
+ exit 0
+ ;;
+ *)
+ show_help
+ exit 1
+ ;;
+esac
diff --git a/pkgs/by-name/ni/nixos-firewall-tool/package.nix b/pkgs/by-name/ni/nixos-firewall-tool/package.nix
new file mode 100644
index 00000000000..78af5cb8d57
--- /dev/null
+++ b/pkgs/by-name/ni/nixos-firewall-tool/package.nix
@@ -0,0 +1,15 @@
+{ writeShellApplication, iptables, lib }:
+
+writeShellApplication {
+ name = "nixos-firewall-tool";
+ text = builtins.readFile ./nixos-firewall-tool.sh;
+ runtimeInputs = [
+ iptables
+ ];
+
+ meta = with lib; {
+ description = "Temporarily manipulate the NixOS firewall";
+ license = licenses.mit;
+ maintainers = with maintainers; [ clerie ];
+ };
+}
|
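Review bot: The `open` branch in nixos-firewall-tool.sh hands `$2` and `$3` to iptables unchecked, so the tool accepts whatever iptables accepts rather than the single tcp/udp port the help text describes. `--dport` also takes a `first:last` range, so a typo or an over-broad value opens more than one port on both address families. With `set -u`, a missing argument aborts with an unbound-variable error instead of printing the usage. I would check the argument count, restrict the protocol to tcp or udp, and require one numeric port in 1–65535 before the insert, as sketched below. Separately, `ip46tables` under `set -e` leaves the IPv4 rule in place if the `ip6tables` call then fails, which deserves a comment in that function.

```shell
  "open")
    # Fail with usage instead of an unbound-variable error from `set -u`.
    if [[ $# -ne 3 ]]; then
      show_help
      exit 1
    fi
    protocol="$2"
    port="$3"

    case $protocol in
      tcp|udp) ;;
      *) echo "unsupported protocol: $protocol" >&2; exit 1 ;;
    esac
    # Single port only; --dport would otherwise also take a first:last range.
    if ! [[ $port =~ ^[0-9]{1,5}$ ]] || (( 10#$port < 1 || 10#$port > 65535 )); then
      echo "invalid port: $port" >&2
      exit 1
    fi
    # … unchanged: ip46tables -I nixos-fw … -j nixos-fw-accept …
```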
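Review bot: `runtimeInputs` in package.nix lists only `iptables`, while the script's `reset` branch calls `systemctl`, so that binary is resolved from whatever PATH the caller has. For a tool that is presumably run as root, either pin it or state the intent with a comment above `runtimeInputs`, for example `# systemctl is deliberately taken from the system profile, not pinned here`. The `meta` block also has no platform restriction although the script depends on iptables and systemd; `platforms = platforms.linux;` would keep it from being evaluated elsewhere. As far as I know `writeShellApplication` already emits its own shebang and strict-mode line, so the script's copies are redundant, though harmless.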