diff options
author | Peter Simons <simons@cryp.to> | 2016-03-18 12:00:39 +0100 |
---|---|---|
committer | Peter Simons <simons@cryp.to> | 2016-03-18 12:00:39 +0100 |
commit | 9a2ee42f52002b54ee568a94bbd64d43010a5f3b (patch) | |
tree | 1adc6d581c5f5fc39973c89ada9cd46592919a9a /nixos/doc | |
parent | c523aeffde74a1d7a085fdecf52250a96736051e (diff) | |
download | nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar.gz nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar.bz2 nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar.lz nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar.xz nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.tar.zst nixlib-9a2ee42f52002b54ee568a94bbd64d43010a5f3b.zip |
Document the fact that the firewall allows pings by default in rl-1603.xml.
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1603.xml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1603.xml b/nixos/doc/manual/release-notes/rl-1603.xml index 83057a44d0ae..350025da7b00 100644 --- a/nixos/doc/manual/release-notes/rl-1603.xml +++ b/nixos/doc/manual/release-notes/rl-1603.xml @@ -262,6 +262,18 @@ services.syncthing = { </programlisting> </listitem> + <listitem> + <para> + <literal>networking.firewall.allowPing</literal> is now enabled by + default. Users are encourarged to configure an approiate rate limit for + their machines using the Kernel interface at + <filename>/proc/sys/net/ipv4/icmp_ratelimit</filename> and + <filename>/proc/sys/net/ipv6/icmp/ratelimit</filename> or using the + firewall itself, i.e. by setting the NixOS option + <literal>networking.firewall.pingLimit</literal>. + </para> + </listitem> + </itemizedlist> |