nftables: Warn about correct firewall setting
services.networking.firewall might have existed during import of this module in 2016, but it is unknown as of today. Point to the proper boolean knob to avoid confusion.
This commit is contained in:
parent
af27072f1d
commit
e438d4a04f
@ -99,7 +99,7 @@ in
|
|||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
assertions = [{
|
assertions = [{
|
||||||
assertion = config.networking.firewall.enable == false;
|
assertion = config.networking.firewall.enable == false;
|
||||||
message = "You can not use nftables with services.networking.firewall.";
|
message = "You can not use nftables and iptables at the same time. networking.firewall.enable must be set to false.";
|
||||||
}];
|
}];
|
||||||
boot.blacklistedKernelModules = [ "ip_tables" ];
|
boot.blacklistedKernelModules = [ "ip_tables" ];
|
||||||
environment.systemPackages = [ pkgs.nftables ];
|
environment.systemPackages = [ pkgs.nftables ];
|
||||||
|
Loading…
Reference in New Issue
Block a user