philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
nixpkgs/modules/services
History
Mathijs Kwik 6c62de6a31 firewall: option to enable the rpfilter netfilter module 
This is meant to replace /proc/sys/net/ipv4/conf/*/rp_filter, which
only works for ipv4. Furthermore, it's nicer to handle this kind of
filtering in the firewall.

There are some more subtle differences, please see:
https://home.regit.org/netfilter-en/secure-use-of-helpers/

I chose to enable this by default (when the firewall is enabled) as
it's a good idea in general. Only people with advanced routing needs
might not want this, but I guess they don't use the nixos firewall
anyway and use a custom solution. Furthermore, the option only becomes
available in kernel 3.3+, so conservative nixos users that just stick
to the default kernel will not need to act now just yet.
2012-10-13 09:59:31 +02:00
..
amqp strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
audio alsa.nix: initialize the sound card before restoring previously stored settings 2012-09-23 22:40:19 +02:00
backup * Drop references to activation scriptlets that no longer exist. 2012-03-15 14:21:17 +00:00
databases postgresql.nix: Add an option for overriding the PostgreSQL package 2012-08-15 17:02:03 -04:00
games strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
hardware udev requires unix sockets and inotify 2012-08-06 17:02:35 -04:00
logging logcheck: add some options to ease setting up ignore-rules 2012-10-09 16:04:17 +02:00
mail dovecot: add options to selectively enable/disable the IMAP and/or POP3 listener 2012-09-30 00:54:03 +02:00
misc Don't use nixUnstable 2012-08-02 13:31:57 -04:00
monitoring smartd: Add options for each device being monitored 2012-10-09 14:00:59 -04:00
network-filesystems Global replace /var/run/current-system -> /run/current-system 2012-07-16 11:34:21 -04:00
networking firewall: option to enable the rpfilter netfilter module 2012-10-13 09:59:31 +02:00
printing * CUPS: fix printing on a Ricoh Aficio MP C4500 PXL printer (and 2012-05-25 15:51:33 +00:00
scheduling Global replace /var/run/current-system -> /run/current-system 2012-07-16 11:34:21 -04:00
security F-Prot virus signaure database updater: package 2012-07-24 10:52:04 +03:00
system invalidate-nscd: use script instead of exec for multiple commands 2012-09-29 10:51:28 +02:00
ttys mingetty: Don't make restartIfChanged optional 2012-08-12 11:44:00 -04:00
web-servers Assign uid/gid 54 to wwwrun 2012-08-03 11:05:25 -04:00
x11 Drop xfce-4.6 compatibility 2012-09-21 11:03:07 -04:00