diff options
| author | Pierre Bourdon <delroth@gmail.com> | 2019-03-09 19:59:01 +0100 |
|---|---|---|
| committer | Pierre Bourdon <delroth@gmail.com> | 2019-03-09 20:02:04 +0100 |
| commit | 18bc8203a10720a4db98670cbcbe75aa0579c145 (patch) | |
| tree | 340036caef42c90875cb439e071bbaba65f46b4c /nixos | |
| parent | 843215ac1c84eaab283f8ccc0b40c9cd37097c44 (diff) | |
| download | nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar.gz nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar.bz2 nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar.lz nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar.xz nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.tar.zst nixlib-18bc8203a10720a4db98670cbcbe75aa0579c145.zip | |
nixos/firewall: canonicalize firewall ports lists
Fixes #56086.
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/firewall.nix | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index 73feba242a11..4ea891262e56 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -261,10 +261,14 @@ let fi ''; + canonicalizePortList = + ports: lib.unique (builtins.sort builtins.lessThan ports); + commonOptions = { allowedTCPPorts = mkOption { type = types.listOf types.port; default = [ ]; + apply = canonicalizePortList; example = [ 22 80 ]; description = '' @@ -287,6 +291,7 @@ let allowedUDPPorts = mkOption { type = types.listOf types.port; default = [ ]; + apply = canonicalizePortList; example = [ 53 ]; description = '' |