alaskacanyon[m] has quit [Quit: Idle for 30+ days]
<
flokli>
I tend to avoid the whole nat and firewall situation on NixOS exposed by the module system. IMHO, it should be refactored
<
aranea>
Yeah, I actually consider the fact that the nftables module doesn't respect the firewall.* options an advantage.
<
flokli>
aranea: don't rely on it staying that way ;-)
<
flokli>
:thisisfine:
<
aranea>
Well, even if that changes, I'd hope that explicitly setting networking.nftables.ruleset would still override everything else.
<
aleph->
flokli: What're the issues with the nat and firewall modules?
<
flokli>
they don't work with networkd networking most of the time, for example.
<
aleph->
Ah. Never actually used networkd.