Whether to automatically register the bouncer to the locally running crowdsec service

Path to the API key to authenticate with a local CrowdSec API

API key to authenticate with a local crowdsec API

Whether to automatically open firewall ports for crowdsec.

Name to register the bouncer as to the CrowdSec API

Whether to enable CrowdSec Firewall Bouncer.

Whether to enable CrowdSec Security Engine.

The user to run crowdsec as

Hub collections, parsers, AppSec rules, etc.

Name of the machine when registering it at the central or local api.

The group to run crowdsec as

The crowdsec-firewall-bouncer package to use.

Settings for the main CrowdSec Firewall Bouncer

Firewall mode to use.

The crowdsec package to use.

The configuration for a crowdsec security engine.

Whether to have the module create the appropriate firewall configuration based on the bouncer settings

Set of various configuration attributes

URL of the local API.

Whether to enable firewalling for outgoing traffic of the nix daemon.

Whether to enable if true cscli hub update will be executed daily

Whether to enable the firewall

Whether to allow traffic that is neither TCP nor UDP

Whether to enable Ferm Firewall. Warning: Enabling this service WILL disable the existing NixOS firewall! Default firewall rules provided by packages are not considered at the moment.

TCP ports to which traffic is allowed

UDP ports to which traffic is allowed

If pings are allowed, this allows setting rate limits on them

Additional shell commands executed as part of the firewall initialisation script

Underlying implementation for the firewall service.

Whether to allow traffic on the loopback interface

The package to use for running the firewall service.

Extra nftables rules to prepend to the generated ones

Firewall rules for inbound traffic.

Firewall rules for outbound traffic.

Additional nftables rules to be appended to the input-allow chain

Additional shell commands executed as part of the firewall shutdown script

Enable filtering in IP forwarding

Additional nftables rules to be appended to the forward-allow chain

Whether to enable Shorewall IPv4 Firewall.

Whether to allow traffic to local networks

Whether to respond to incoming ICMPv4 echo requests ("pings")

List of open UDP ports.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.pgbouncer.openFirewall is true.

List of UDP ports to open in firewall.

List of TCP ports on which incoming connections are accepted.

Whether to enable FirewallD.

Additional nftables rules to be appended to the rpfilter-allow chain

Specify a filter for iptables to use when services.prometheus.exporters.pgbouncer.openFirewall is true

Whether to enable Shorewall IPv6 Firewall.

Additional packages to be included in the environment of the system as well as the path of networking.firewall.extraCommands.

Range of open UDP ports.

List of TCP ports to open in firewall

Logs dropped packets failing the reverse path filter test if the option networking.firewall.checkReversePath is enabled.

A range of TCP ports on which incoming connections are accepted.

Performs a reverse path filter test on a packet

Interface-specific open ports.

If set, refused packets are rejected rather than dropped (ignored)

Whether to log all rejected or dropped incoming packets

If networking.firewall.logRefusedPackets and this option are enabled, then only log packets specifically directed at this machine, i.e., not broadcasts or multicasts.

Whether to auto-load connection-tracking helpers

Whether to clean up firewall rules when firewalld stops.

Traffic coming in from these interfaces will be accepted unconditionally

Whether to open the required firewall ports in the firewall.

List of open UDP ports.

List of TCP ports on which incoming connections are accepted.

firewalld zone configuration files

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nut.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.lnd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.sql.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.frr.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.pve.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.zfs.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.kea.openFirewall is true.

Whether to log rejected or dropped incoming connections

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nats.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.bind.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.ping.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.flow.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.json.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.ipmi.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.bird.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mail.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.ebpf.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.knot.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.node.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.snmp.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mqtt.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.php-fpm.openFirewall is true.

Extra arguments to pass to FirewallD.

Whether to enable Rygel UPnP Mediaserver

Whether to automatically open the specified TCP port in the firewall.

Range of open UDP ports.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nginx.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.redis.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.kafka.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.idrac.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.v2ray.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.jitsi.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.fritz.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.dmarc.openFirewall is true.

A range of TCP ports on which incoming connections are accepted.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.node-cert.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.sql.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.lnd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.frr.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.zfs.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.nut.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.kea.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.pve.openFirewall is true

Specify rules for nftables to add to the input chain when services.prometheus.exporters.fastly.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.shelly.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.statsd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.domain.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.tibber.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.rspamd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.deluge.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.chrony.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.pihole.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.script.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.dnssec.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.restic.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mysqld.openFirewall is true.

Whether to unload all firewall-related kernel modules when firewalld stops.

Specify a filter for iptables to use when services.prometheus.exporters.mqtt.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.json.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.flow.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.mail.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.ebpf.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.nats.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.knot.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.bind.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.bird.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.node.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.ipmi.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.ping.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.snmp.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.php-fpm.openFirewall is true

The backend used to setup virtual network firewall rules.

The firewalld package to use.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nvidia-gpu.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.jitsi.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.redis.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.nginx.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.idrac.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.kafka.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.v2ray.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.fritz.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.dmarc.openFirewall is true

Whether to stop reaction when reloading the firewall

Specify rules for nftables to add to the input chain when services.prometheus.exporters.bitcoin.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.dnsmasq.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.unbound.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.apcupsd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.libvirt.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.varnish.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.postfix.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.sabnzbd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.ecoflow.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.klipper.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.systemd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.dovecot.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mongodb.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.process.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.node-cert.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.domain.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.chrony.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.statsd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.tibber.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.mysqld.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.rspamd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.pihole.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.deluge.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.dnssec.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.restic.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.script.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.fastly.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.shelly.openFirewall is true

Short description for the zone.

Rich rules for the zone.

Ports to allow in the zone.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.py-air-control.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.rtl_433.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.nvidia-gpu.openFirewall is true

Specify rules for nftables to add to the input chain when services.prometheus.exporters.unpoller.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.blackbox.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.influxdb.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.collectd.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mikrotik.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.fritzbox.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.graphite.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nginxlog.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.postgres.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.keylight.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.opnsense.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.smartctl.openFirewall is true.

Whether to enable opening port in the firewall.

Specify a filter for iptables to use when services.prometheus.exporters.apcupsd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.unbound.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.varnish.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.ecoflow.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.bitcoin.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.dnsmasq.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.dovecot.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.libvirt.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.sabnzbd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.process.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.systemd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.mongodb.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.klipper.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.postfix.openFirewall is true

firewalld service configuration files

The firewall backend implementation

Specify rules for nftables to add to the input chain when services.prometheus.exporters.imap-mailstat.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.mailman3.openFirewall is true.

Verbatim ferm.conf configuration.

Specify a filter for iptables to use when services.prometheus.exporters.py-air-control.openFirewall is true

Action for packets that doesn't match any rules.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.nextcloud.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.surfboard.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.smokeping.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.wireguard.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.rasdaemon.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.borgmatic.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.tailscale.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.rtl_433.openFirewall is true

Specify rules for nftables to add to the input chain when services.prometheus.exporters.junos-czerwonk.openFirewall is true.

FirewallD config file

List of connection-tracking helpers that are auto-loaded

Specify a filter for iptables to use when services.prometheus.exporters.keylight.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.fritzbox.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.opnsense.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.smartctl.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.mikrotik.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.influxdb.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.postgres.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.nginxlog.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.unpoller.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.blackbox.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.collectd.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.graphite.openFirewall is true

Whether to use individual -restore calls to apply changes to the firewall

Packages providing firewalld zones and other files

Specify a filter for iptables to use when services.prometheus.exporters.imap-mailstat.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.mailman3.openFirewall is true

Version of the zone.

ICMP types to block in the zone.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.buildkite-agent.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.scaphandre.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.storagebox.openFirewall is true.

Specify a filter for iptables to use when services.prometheus.exporters.smokeping.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.wireguard.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.nextcloud.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.borgmatic.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.surfboard.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.rasdaemon.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.tailscale.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.junos-czerwonk.openFirewall is true

Ports of the service.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-sonarr.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-lidarr.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-bazarr.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-radarr.openFirewall is true.

The UDP port to open in the firewall

Services to allow in the zone.

Short description for the service.

Open ports in the firewall for irkerd

The firewall package used by fail2ban service

A MAC address.

Source ports to allow in the zone.

Open ports in the firewall for upsd.

Source addresses, address ranges, MAC addresses or ipsets to bind.

Whether to open firewall ports for Zammad

Specify a filter for iptables to use when services.prometheus.exporters.buildkite-agent.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.storagebox.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.scaphandre.openFirewall is true

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-readarr.openFirewall is true.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.artifactory.openFirewall is true.

Whether to enable a Coturn server for Netbird, will also open the firewall on the configured range.

Whether to enable Opensnitch application firewall.

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-radarr.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-lidarr.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-sonarr.openFirewall is true

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-bazarr.openFirewall is true

Whether to enable open the peer port(s) in the firewall.

The k3s server to connect to

Ports to forward in the zone.

An ipset.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.exportarr-prowlarr.openFirewall is true.

Whether to filter IPv6 traffic with 6to4 destination addresses that correspond to IPv4 addresses that should not be routed over the public internet.

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-readarr.openFirewall is true

Whether to enable intra-zone forwarding

Specify a filter for iptables to use when services.prometheus.exporters.artifactory.openFirewall is true

Specify rules for nftables to add to the input chain when services.prometheus.exporters.modemmanager.openFirewall is true.

Default zone for connections.

Version of the service.

Helpers for the service.

Use a fixed port for rpc.statd

Open the firewall port.

The policy during reload.

Depending on the local firewall/NAT rules, you might need to force Miredo to use a fixed UDP port and or IPv4 address.

Whether to enable sharing, a CLI tool for sharing files

Specify a filter for iptables to use when services.prometheus.exporters.exportarr-prowlarr.openFirewall is true

Port to listen on

Whether to flush all runtime rules on a reload.

If false (the default), this is up to the user to declare the firewall rules

Open listen and RPC ports found in settings.listen-port and settings.rpc-listen-port options in the firewall.

Source ports for the service.

Protocols to allow in the zone.

Destination IP address.

Whether or not to open ports in the firewall for qui.

Specify a filter for iptables to use when services.prometheus.exporters.modemmanager.openFirewall is true

Use fixed port for rpc.mountd, useful if server is behind firewall.

Add logging rules right before reject and drop rules in the INPUT, FORWARD and OUTPUT chains for the default rules and also final reject and drop rules in zones for the configured link-layer packet type.

Whether to enable Network Address Translation (NAT)

Open ports in the firewall for the n8n web interface.

Use a fixed port for the NFS lock manager kernel module (lockd/nlockmgr)

Whether to enable opening of the relay port(s) in the firewall.

Services to include for the service.

Whether to open firewall ports for send

Open ports in the firewall for the media server.

Open ports in the firewall for the Ombi web interface.

Whether to open the firewall for the specified RDP port.

Open ports in the firewall for the server.

Priority for outbound traffic

Whether to enable opening of the peer port(s) in the firewall.

Open ports in the firewall for the Ergo node as well as the API.

Interfaces to bind.

Open ports in the firewall for the plikd.

Whether to open ports in the firewall.

Open port in firewall for snmpd.

Whether to open the firewall for Apache Tika

Whether to open ports in the firewall for ZNC

Whether to enable masquerading in the zone.

Open ports in the firewall for the atuin server.

Whether to enable opening the ports in the firewall.

Protocols for the service.

Whether to open the cook-cli server port in the firewall.

Whether to open the firewall for the port in services.flood.port.

Whether to open the firewall for the port in services.komga.settings.server.port.

Whether to open the firewall for the Gatus web interface.

Open ports in the firewall for the Paisa web server.

Open ports in the firewall for the Stash web interface.

Priority for inbound traffic

Whether to open ports in the firewall needed for karma to function.

Whether to enable opening of the HTTP and Peer ports in the firewall.

Open ports in the firewall for the ShokoAnime api and web interface.

Whether to enable opening the default ports in the firewall for Samba.

Whether to enable the default ports in the firewall for the WiVRn server.

Open ports in the firewall for nix-serve.

Open ports in the firewall for LLaMA C++ server.

Open ports in the firewall for Lidarr

Whether to open the firewall for the soulseek network listen port (not the web interface port).

Open etcd ports in the firewall

Whether to open the firewall for the specified port.

Whether to open the immich port in the firewall

An IP address or a network IP address with a mask for IPv4 or IPv6

Extra deletion commands to be run on every firewall start, reload and after stopping the firewall.

Open port in firewall for incoming connections.

Open ports in the firewall for deluge web daemon

Whether to invert the icmp block handling

Description for the zone.

Whether to enable opening up the service ports in the firewall.

Open ports in the firewall for the bazarr web interface.

Whether to open the Porn-Vault port in the firewall.

Open ports in the firewall for the Sonarr web interface

Open ports in the firewall for Nitter web interface.

Open ports in the firewall for the Radarr web interface.

Open ports in the firewall for the redlib web interface

Open ports in the firewall for mpd

Whether to open the firewall for Glance

Whether to open the firewall for ollama

Whether to enable opening ports in the firewall for the Mumble server.

Whether to open the UDP port used for multicast peer discovery

Depending on the local firewall/NAT rules, you might need to force Miredo to use a fixed UDP port and or IPv4 address.

Whether to open the firewall for UDP port 5353

Whether to open firewall on ports 5150/tcp, 5150/udp

Whether to enable Opens the specified port in the firewall. .

Open the ports in the firewall

Whether to open firewall ports for OpenArena

Whether to open firewall ports for Teeworlds.

Whether to open the firewall for Open-WebUI

Whether to open ports in the firewall for the server

Open ports in the firewall for the server.

Open ports in the firewall for the bridge.

Whether to add a counter to every nftables rule.

Open ports in the firewall for iperf3.

Whether to open the firewall for llama-swap

Whether to open ports in the firewall.

Open port in the firewall for glances.

Open the ports in the firewall for the server.

Open the configured port in the firewall.

Open ports in the firewall for Readarr

Open the firewall port(s).

Content of IfState's initrd cleanup configuration file

Open firewall ports for Druid Broker.

Open firewall ports for Druid Router.

If enabled, the generated nftables rule set will be owned exclusively by firewalld

Whether to open the firewall for the specified port.

Opens port range for LiveKit on the firewall.

Whether to open the port in the firewall for MaryTTS.

Whether to enable firewall passthrough for pgadmin4.

Open the appropriate ports in the firewall for owncast.

Whether to open the firewall for the default ports.

Whether to open the firewall for the default ports.

Whether to open the firewall port (default 45876).

IPv4 destination.

IPv6 destination.

Open ports in the firewall for pihole-FTL's DNS server.

Specifies the default port over which Cassandra will be available for JMX connections

Open ports in the firewall for the Autobrr web interface.

Open ports in the firewall for the Jackett web interface.

Whether to enable opening of the identd port in the firewall.

Whether to open ports in the NixOS firewall for Sharkey.

Whether to automatically open the specified ports in the firewall.

Open ports in the firewall for the uMurmur Mumble server.

Open ports in the firewall for the Serviio Media Server.

Open ports in the firewall for the sabnzbd web interface

Open ports in the firewall for the PdfDing web interface.

Whether to open the port specified in listenPort in the firewall.

Open the firewall for TCP and UDP on the specified port.

Whether to open the firewall for the port in services.uptermd.port.

Whether to enable opening the firewall for the TCP and spy ports.

Open firewall ports for HBase rest.

Open ports in the firewall for the server.

Destinations for the service.

Description for the service.

Whether to enable opening the firewall for the port listening for clients.

Whether to open ports in the firewall needed for the daemon to function.

Whether to open the firewall for Orthanc

Whether to open the firewall for LiteLLM

Whether to automatically open the necessary ports in the firewall.

Whether to enable opening the firewall for radicle-node.

Whether to open the firewall for the specified port.

Open ports in the firewall for the Zabbix Agent.

Open ports in the firewall for the Zabbix Proxy.

If enabled, the generated destination NAT (DNAT) rules will NOT accept traffic that was DNAT'd by other entities, e.g. docker

Whether or not to open the minimum required ports on the firewall

Open ports in the firewall for pihole-FTL's DHCP server.

Whether to open the default ports in the firewall for the ALVR server.

Whether to open the firewall for the immich-kiosk port.

Whether to enable firewall passthrough for haste-server.

Whether to open the firewall for the specified port.

Whether to enable opening the specified http(s) ports in the firewall

The list of ports used by coturn for listening to open in the firewall.

Whether to enable opening the firewall when using a port option.

Open the firewall.

Whether to enable opening the default ports in the firewall for Devpi Server.

Open the firewall for mycelium

Specify the bypass parameters for Zapret binary

Open firewall ports for HDFS JournalNode.

Whether to automatically open the specified ports in the firewall.

Whether to open the port in the firewall.

Whether to open ports in the firewall

Open ports in the firewall for Metabase.

Open ports in the firewall for Tautulli.

Whether to enable LDAPS protocol

Open the default ports in the firewall for the server.

Open the appropriate ports in the firewall for spoolman.

Whether to automatically open ports in the firewall.

Open ports in the firewall for the Zabbix Server.

Whether to open ports in the firewall

Whether to open the firewall for the port in services.gemstash.bind.

Whether to open a firewall port for the SSH listener.

Whether to open the firewall for the port in services.rtorrent.port.

Open ports in the firewall for the Prowlarr web interface.

Open ports in the firewall for the Whisparr web interface.

Open firewall ports for HBase thrift.

Open firewall ports for HBase master.

Whether to automatically open the specified TCP port in the firewall.

Whether to automatically open the specified UDP port in the firewall.

Whether to enable opening the default ports in the firewall for Scrutiny.

Whether to open a firewall port for the SSH listener.

The port the server should listen on

Open the configured port in the firewall for external ingress traffic

The port the server should listen on

This may improve forwarded traffic throughput by enabling nftables flowtable

Whether to open the firewall for TCP ports specified in listenAddresses option.

Whether to open the firewall for the port in services.pingvin-share.frontend.port.

Whether to automatically open the necessary ports in the firewall.

Whether to open ports in the firewall

Whether to open ports in the firewall

Whether to open ports in the firewall

Whether to enable opening HTTP (TCP) and SSDP (UDP) ports in the firewall.

Whether to open TCP firewall ports, which are specified in services.stalwart.settings.server.listener on all interfaces.

Open firewall ports for Druid Overlord.

Whether to automatically open required firewall ports for master service.

Whether to open the firewall for Docling Serve

Whether to open ports in the firewall for the server.

Open WebRTC ports in the firewall.

Whether to open the port in the firewall.

Open DHT ports in firewall

Open ports in the firewall for OctoPrint.

Open ports in the firewall for the Calibre Server web interface.

Whether to open ports in the firewall for the server.

Open the appropriate ports in the firewall.

Open the appropriate ports in the firewall.

Whether to open the IPP port in the firewall

Whether to open the firewall for the specified port.

Whether to open the TCP port in the firewall

Whether to enable opening TCP ports 80 and 443, and UDP port 51820 in the firewall for the Pangolin service(s).

Open RTMP port in the firewall.

Open WHIP port in the firewall.

Whether to open the firewall for the ports in services.deluge.config.listen_ports

Open ports in the firewall for LANraragi's web interface.

Open ports in the firewall for the Pinchflat web interface

Open a port in the firewall for the Overseerr web interface.

Whether to open TCP firewall ports, which are specified in services.stalwart-mail.settings.server.listener on all interfaces.

Whether to automatically open receive port in the firewall.

Open firewall ports for Druid middleManager.

Whether to enable allowing blendfarm network access through the firewall.

Open firewall ports for HDFS DataNode.

Open firewall ports for HDFS NameNode.

Whether to automatically open the specified port in the firewall

Open firewall ports for cluster communication by default

Declarative configuration of firewall rules

Opens the port used by the firewall.

Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704

Whether to automatically open ports in the firewall.

Whether to open the firewall for the specified port.

Whether to enable Open firewall ports for livekit.

Open firewall ports for HBase regionServer.

Open the default ports in the firewall for the media server

Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.

Mark all wireguard packets originating from this interface with the given firewall mark

Whether to open the firewall for the port in services.suwayomi-server.settings.server.port.

Whether to enable opening the HTTP server port and, if enabled, the HTTPS redirect server port in the firewall. .

Whether to run reaction as root

Open ports in the firewall for the NZBHydra2 web interface.

Whether to enable Open firewall for the specified port.

Open the firewall port(s).

Opens TCP port in firewall for built-in UI

Open ports in the firewall for Steam Remote Play.

Whether to enable opening WebRTC traffic ports in the firewall

Whether to automatically open the firewall for scheduler discovery.

Whether to open ports in the firewall for the server.

Whether to open the Linkwarden port in the firewall

Opens port in firewall for fedimintd's api port

Open port in the firewall for the Jellyseerr web interface.

Open ports in the firewall for the LubeLogger web interface.

Whether to automatically open the specified ports in the firewall.

Whether to open the firewall for the port in services.szurubooru.server.port.

Whether to open the firewall for the specified Taskserver port.

Automatically open gossip port in firewall (recommended).

Open ports in the firewall for the Homebridge web interface and service.

Whether to automatically allow VRRP and AH packets in the firewall.

Opens port in firewall for fedimintd's p2p port (both TCP and UDP)

Whether to enable the default ports in the firewall for the WiVRn server.

Whether to open ports in the firewall for the server.

Whether to open ports in the firewall for the server.

Open firewall ports for Druid Historical.

Whether to enable opening of the RPC port in the firewall.

Open the configured port in the firewall

Whether to open the firewall ports for Reposilite

Path to the directory where firewall rules can be found and will get stored by the NixOS module.

Whether to enable opening UDP ports in the firewall.

Whether to open the firewall for the specified port

Open the port in the firewall

Open ports in the firewall for Mirakurun.

Open ports in the firewall for the TeamSpeak3 server.

Whether to setup firewall routing so that system http(s) traffic is forwarded via this service

Open ports in the firewall for pihole-FTL's webserver, as configured in settings.webserver.port.

Whether to enable opening of the peer port(s) in the firewall.

Whether to enable opening firewall ports for FileBrowser.

Whether to open the necessary port in the firewall for spacecookie.

Opens up firewall port for communication between NetBird peers directly over LAN or public IP, without using (internet-hosted) TURN servers as intermediaries.

Opens up firewall port for communication between NetBird peers directly over LAN or public IP, without using (internet-hosted) TURN servers as intermediaries.

Opens TCP port in firewall for fedimintd's Websocket API

Whether to automatically open the daemon port in the firewall.

Whether to enable opening both the webuiPort and torrentPort over TCP in the firewall.

Open firewall ports for Druid Coordinator.

Whether to enable nftables and use nftables based firewall if enabled. nftables is a Linux-based packet filtering framework intended to replace frameworks like iptables

Which firewall backend to use.

Whether to enable opening the firewall port 53317 for receiving files.

Open ports in the firewall for Homepage.

The address or interface to bind the native transport server to

Whether to enable application firewall.

Open ports in the firewall for the AdGuard Home web interface

Open firewall ports for HDFS JournalNode.

Open ports in the firewall for the EPGStation web interface.

Whether to open ports in the firewall for the videobridge.

Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers and UDP 21027 for discovery

Open port in the firewall.

Open the port in the firewall for FlareSolverr.

Whether to open the required ports in the firewall.

Whether to open the Flannel UDP ports in the firewall on all interfaces.

Whether to automatically open the necessary ports in the firewall.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Opens UDP port in firewall for fedimintd's API Iroh endpoint

Whether to automatically open required firewall ports for chunkserver service.

Open firewall ports for nodemanager

Open the firewall ports corresponding to FoundationDB processes and coordinators using config.networking.firewall.*.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Opens up internal firewall ports for the NetBird's network interface.

Opens up internal firewall ports for the NetBird's network interface.

Whether to open the required firewall ports for the Smartphone as Card Reader (SaC) functionality of AusweisApp.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open ports in the firewall for Source Dedicated Server.

Whether to open ports in the firewall

Open ports in the firewall for the TeamSpeak3 serverquery (administration) system

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open ports in the firewall for TorrentStream daemon.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

List of addresses and ports to listen on (ListenAddress directive in config)

Whether to enable Open firewall port for taskchampion-sync-server.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Enables distributed pollers for this LibreNMS instance

Open ports in the firewall for the Audiobookshelf web interface.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open ports in the firewall for Steam Local Network Game Transfers.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open firewall ports for resourcemanager

Opens the bridge port in the firewall.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

Open port in firewall for incoming connections.

When using the SLiRP user networking (default), this option allows to forward ports to/from the host/guest.

Whether to open the port in the firewall.

Turn on proxy_arp for this device

This is optional and is by default off, because most users will not need it

This is optional and is by default off, because most users will not need it

Network ports to publish from the container to the outer host