[Nix-dev] Enabling CUPS unconditionally allows UDP/631 on the firewall
Pablo Costa
modulistic at gmail.com
Tue Nov 12 12:24:10 CET 2013
Hello,
on nixpkgs/nixos/modules/services/printing/cupsd.nix there is this line:
226 # Allow CUPS to receive IPP printer announcements via UDP.
227 networking.firewall.allowedUDPPorts = [ 631 ];
which results on this rule in the nixos-fw chain:
nixos-fw-accept udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
I would expect a way to disable this default behaviour, e.g. a boolean
value such as:
services.printing.{listen|accept}NetworkAnnouncements
or
services.printing.openFirewall
How do you feel about this?
Thanks!
pablo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20131112/548ff282/attachment.html
More information about the nix-dev
mailing list