nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-02 15:41:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

firewall: clear rpfilter on stop

Browse Source
This commit is contained in:
Boris Sukholitko 2014-11-14 09:07:18 +02:00
parent ea49ac0496
commit 53b24d0c95
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/modules/services/networking/firewall.nix
View File

@ -187,6 +187,12 @@ let
# Clean up after added ruleset # Clean up after added ruleset
ip46tables -D INPUT -j nixos-fw 2>/dev/null || true ip46tables -D INPUT -j nixos-fw 2>/dev/null || true
${optionalString (kernelHasRPFilter && cfg.checkReversePath) ''
if ! ip46tables -D PREROUTING -t raw -m rpfilter --invert -j DROP; then
echo "<2>failed to stop rpfilter support" >&2
fi
''}
${cfg.extraStopCommands} ${cfg.extraStopCommands}
''; '';