rb2k has quit [Read error: Connection reset by peer]
LilleCarl has quit [Ping timeout: 246 seconds]
LilleCarl has joined #nixos-on-your-router
dtz has quit [Quit: Idle for 30+ days]
<eyJhb>
Is there any NixOS option to block specific IPs, or should one just use iptables?
<eyJhb>
So far, regarding the DNS issue, I have just disabled `do-ipv6`, so that it will only ask root servers via IPv4
<gchristensen>
I'm looking to manage some additional firewall rules in the FORWARD chain table, but I'd like to manage them in a nice way which nixos can roll forward and back... is it reasonable to want this?
<hexa->
uhm, yes?
<gchristensen>
erm
<gchristensen>
reword ...
<gchristensen>
is the work to get it reasonable enough to do it in not so long, or is it going to be annoying
<hexa->
ok, because you just described the main functionality of a nixos on your router :D
<gchristensen>
:P
<gchristensen>
"is it reasonable to want nixos?"
<hexa->
"yes, no... maybe?"
<hexa->
writing rules for the forward chain is not that difficult
<gchristensen>
yeah, I have the rules
<hexa->
you are probably using `networking.firewall`, and I'd have to check how to do it
<gchristensen>
sorry, the application of more rules is easy
<gchristensen>
but having them roll forward and back is not
<gchristensen>
networking.firewall.extraCommands
<hexa->
as part of your generation?
<gchristensen>
yeah, nixos won't cleanly undo them
<hexa->
oh ok
<hexa->
that's sad
<hexa->
you could try and use ferm instead
<hexa->
downside: have to write the whole firewall config yourself
<hexa->
upside: it has lots of syntactic sugar
<gchristensen>
hmm
<gchristensen>
might be okay, this machine had the firewall disabled before I got to it ...