diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-26 12:16:35 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-26 22:45:39 +0200 |
commit | f64589b2ef750fc43c989dc35fbf196bfdafa4ea (patch) | |
tree | a8856259692214721e8d070b865e61aa3351b932 | |
parent | 43f331a8740a5a45184ff05caaaeb0c34ba67fe9 (diff) | |
download | nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.gz nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.bz2 nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.lz nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.xz nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.tar.zst nixlib-f64589b2ef750fc43c989dc35fbf196bfdafa4ea.zip |
firewall: Don't depend on ipset
NixOS doesn't use it, so no reason to include it.
-rw-r--r-- | nixos/modules/services/networking/firewall.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index 40681f5b957a..21f8ae243a7f 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -443,7 +443,7 @@ in networking.firewall.trustedInterfaces = [ "lo" ]; - environment.systemPackages = [ pkgs.iptables pkgs.ipset ]; + environment.systemPackages = [ pkgs.iptables ]; boot.kernelModules = map (x: "nf_conntrack_${x}") cfg.connectionTrackingModules; boot.extraModprobeConfig = optionalString (!cfg.autoLoadConntrackHelpers) '' @@ -462,7 +462,7 @@ in before = [ "network-pre.target" ]; after = [ "systemd-modules-load.service" ]; - path = [ pkgs.iptables pkgs.ipset ]; + path = [ pkgs.iptables ]; # FIXME: this module may also try to load kernel modules, but # containers don't have CAP_SYS_MODULE. So the host system had |