JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nixos/firewall: Rename misleading rejected to refused in logging

Browse Source 
as that's used as general term for rejected or dropped packets
in the rest of the config.
This commit is contained in:
Florian Jacob 2017-10-11 20:12:58 +02:00
parent 5dda1324be
commit 847beb558f
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/modules/services/networking/firewall.nix
View File

@ -95,18 +95,18 @@ let
ip46tables -N nixos-fw-log-refuse
${optionalString cfg.logRefusedConnections ''
ip46tables -A nixos-fw-log-refuse -p tcp --syn -j LOG --log-level info --log-prefix "rejected connection: "
ip46tables -A nixos-fw-log-refuse -p tcp --syn -j LOG --log-level info --log-prefix "refused connection: "
''}
${optionalString (cfg.logRefusedPackets && !cfg.logRefusedUnicastsOnly) ''
ip46tables -A nixos-fw-log-refuse -m pkttype --pkt-type broadcast \
-j LOG --log-level info --log-prefix "rejected broadcast: "
-j LOG --log-level info --log-prefix "refused broadcast: "
ip46tables -A nixos-fw-log-refuse -m pkttype --pkt-type multicast \
-j LOG --log-level info --log-prefix "rejected multicast: "
-j LOG --log-level info --log-prefix "refused multicast: "
''}
ip46tables -A nixos-fw-log-refuse -m pkttype ! --pkt-type unicast -j nixos-fw-refuse
${optionalString cfg.logRefusedPackets ''
ip46tables -A nixos-fw-log-refuse \
-j LOG --log-level info --log-prefix "rejected packet: "
-j LOG --log-level info --log-prefix "refused packet: "
''}
ip46tables -A nixos-fw-log-refuse -j nixos-fw-refuse