alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

Merge pull request #65453 from wahjava/master

Browse source 
sshguard: do not create ipset in post-start
This commit is contained in:
edef 2019-07-28 08:50:42 +00:00 committed by GitHub
parent c954e00a51 d3c2b992d4
commit 618ecd930d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/services/security/sshguard.nix
View file

@ -107,8 +107,6 @@ in {
path = with pkgs; [ iptables ipset iproute systemd ];
postStart = ''
${pkgs.ipset}/bin/ipset -quiet create -exist sshguard4 hash:ip family inet
${pkgs.ipset}/bin/ipset -quiet create -exist sshguard6 hash:ip family inet6
${pkgs.iptables}/bin/iptables -I INPUT -m set --match-set sshguard4 src -j DROP
${pkgs.iptables}/bin/ip6tables -I INPUT -m set --match-set sshguard6 src -j DROP
'';