| services.crowdsec-firewall-bouncer.registerBouncer.enable | Whether to automatically register the bouncer to the locally running
crowdsec service
|
| services.crowdsec-firewall-bouncer.secrets.apiKeyPath | Path to the API key to authenticate with a local CrowdSec API
|
| services.crowdsec-firewall-bouncer.settings.api_key | API key to authenticate with a local crowdsec API
|
| services.crowdsec.openFirewall | Whether to automatically open firewall ports for crowdsec.
|
| services.crowdsec-firewall-bouncer.enable | Whether to enable CrowdSec Firewall Bouncer.
|
| services.crowdsec.enable | Whether to enable CrowdSec Security Engine.
|
| services.crowdsec-firewall-bouncer.package | The crowdsec-firewall-bouncer package to use.
|
| services.crowdsec.user | The user to run crowdsec as
|
| services.crowdsec-firewall-bouncer.settings | Settings for the main CrowdSec Firewall Bouncer
|
| services.crowdsec.hub | Hub collections, parsers, AppSec rules, etc.
|
| services.crowdsec-firewall-bouncer.settings.mode | Firewall mode to use.
|
| services.crowdsec.name | Name of the machine when registering it at the central or local api.
|
| services.crowdsec.group | The group to run crowdsec as
|
| services.crowdsec-firewall-bouncer.createRulesets | Whether to have the module create the appropriate firewall configuration
based on the bouncer settings
|
| services.crowdsec.package | The crowdsec package to use.
|
| services.crowdsec.localConfig | The configuration for a crowdsec security engine.
|
| services.crowdsec-firewall-bouncer.registerBouncer.bouncerName | Name to register the bouncer as to the CrowdSec API
|
| services.crowdsec.settings | Set of various configuration attributes
|
| services.crowdsec-firewall-bouncer.settings.api_url | URL of the local API.
|
| services.crowdsec.autoUpdateService | Whether to enable if true cscli hub update will be executed daily
|
| nix.firewall.enable | Whether to enable firewalling for outgoing traffic of the nix daemon.
|
| networking.firewall.enable | Whether to enable the firewall
|
| nix.firewall.allowNonTCPUDP | Whether to allow traffic that is neither TCP nor UDP
|
| services.ferm.enable | Whether to enable Ferm Firewall.
Warning: Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| networking.firewall.extraCommands | Additional shell commands executed as part of the firewall
initialisation script
|
| networking.firewall.pingLimit | If pings are allowed, this allows setting rate limits on them
|
| nix.firewall.allowedTCPPorts | TCP ports to which traffic is allowed
|
| nix.firewall.allowedUDPPorts | UDP ports to which traffic is allowed
|
| networking.firewall.backend | Underlying implementation for the firewall service.
|
| networking.firewall.package | The package to use for running the firewall service.
|
| nix.firewall.allowLoopback | Whether to allow traffic on the loopback interface
|
| services.nebula.networks.<name>.firewall.inbound | Firewall rules for inbound traffic.
|
| nix.firewall.extraNftablesRules | Extra nftables rules to prepend to the generated ones
|
| services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| networking.firewall.extraStopCommands | Additional shell commands executed as part of the firewall
shutdown script
|
| networking.firewall.extraInputRules | Additional nftables rules to be appended to the input-allow
chain
|
| networking.firewall.filterForward | Enable filtering in IP forwarding
|
| networking.firewall.extraForwardRules | Additional nftables rules to be appended to the forward-allow
chain
|
| services.shorewall.enable | Whether to enable Shorewall IPv4 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| services.shorewall6.enable | Whether to enable Shorewall IPv6 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| services.technitium-dns-server.firewallUDPPorts | List of UDP ports to open in firewall.
|
| networking.firewall.extraReversePathFilterRules | Additional nftables rules to be appended to the rpfilter-allow
chain
|
| networking.firewall.allowedUDPPorts | List of open UDP ports.
|
| services.prometheus.exporters.pgbouncer.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pgbouncer.openFirewall is true.
|
| nix.firewall.allowPrivateNetworks | Whether to allow traffic to local networks
|
| networking.firewall.allowPing | Whether to respond to incoming ICMPv4 echo requests
("pings")
|
| networking.firewall.allowedTCPPorts | List of TCP ports on which incoming connections are
accepted.
|
| services.firewalld.enable | Whether to enable FirewallD.
|
| services.prometheus.exporters.pgbouncer.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pgbouncer.openFirewall
is true
|
| services.technitium-dns-server.firewallTCPPorts | List of TCP ports to open in firewall
|
| networking.firewall.extraPackages | Additional packages to be included in the environment of the system
as well as the path of networking.firewall.extraCommands.
|
| networking.firewall.allowedUDPPortRanges | Range of open UDP ports.
|
| networking.firewall.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| networking.firewall.logReversePathDrops | Logs dropped packets failing the reverse path filter test if
the option networking.firewall.checkReversePath is enabled.
|
| networking.firewall.checkReversePath | Performs a reverse path filter test on a packet
|
| networking.firewall.interfaces | Interface-specific open ports.
|
| networking.firewall.rejectPackets | If set, refused packets are rejected rather than dropped
(ignored)
|
| networking.firewall.logRefusedPackets | Whether to log all rejected or dropped incoming packets
|
| networking.firewall.logRefusedUnicastsOnly | If networking.firewall.logRefusedPackets
and this option are enabled, then only log packets
specifically directed at this machine, i.e., not broadcasts
or multicasts.
|
| services.samba-wsdd.openFirewall | Whether to open the required firewall ports in the firewall.
|
| networking.firewall.autoLoadConntrackHelpers | Whether to auto-load connection-tracking helpers
|
| networking.firewall.trustedInterfaces | Traffic coming in from these interfaces will be accepted
unconditionally
|
| services.firewalld.settings.CleanupOnExit | Whether to clean up firewall rules when firewalld stops.
|
| networking.firewall.interfaces.<name>.allowedUDPPorts | List of open UDP ports.
|
| networking.firewall.interfaces.<name>.allowedTCPPorts | List of TCP ports on which incoming connections are
accepted.
|
| services.reaction.stopForFirewall | Whether to stop reaction when reloading the firewall
|
| networking.firewall.logRefusedConnections | Whether to log rejected or dropped incoming connections
|
| networking.firewall.interfaces.<name>.allowedUDPPortRanges | Range of open UDP ports.
|
| networking.firewall.interfaces.<name>.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| virtualisation.libvirtd.firewallBackend | The backend used to setup virtual network firewall rules.
|
| services.prometheus.exporters.nut.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nut.openFirewall is true.
|
| services.prometheus.exporters.lnd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.lnd.openFirewall is true.
|
| services.prometheus.exporters.sql.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sql.openFirewall is true.
|
| services.prometheus.exporters.frr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.frr.openFirewall is true.
|
| services.prometheus.exporters.pve.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pve.openFirewall is true.
|
| services.prometheus.exporters.zfs.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.zfs.openFirewall is true.
|
| services.prometheus.exporters.kea.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.kea.openFirewall is true.
|
| services.firewalld.zones | firewalld zone configuration files
|
| services.prometheus.exporters.nats.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nats.openFirewall is true.
|
| services.prometheus.exporters.bind.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bind.openFirewall is true.
|
| services.prometheus.exporters.ping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ping.openFirewall is true.
|
| services.prometheus.exporters.flow.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.flow.openFirewall is true.
|
| services.prometheus.exporters.json.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.json.openFirewall is true.
|
| services.prometheus.exporters.ipmi.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ipmi.openFirewall is true.
|
| services.prometheus.exporters.bird.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bird.openFirewall is true.
|
| services.prometheus.exporters.mail.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mail.openFirewall is true.
|
| services.prometheus.exporters.ebpf.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ebpf.openFirewall is true.
|
| services.prometheus.exporters.knot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.knot.openFirewall is true.
|
| services.prometheus.exporters.node.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node.openFirewall is true.
|
| services.prometheus.exporters.snmp.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.snmp.openFirewall is true.
|
| services.prometheus.exporters.mqtt.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mqtt.openFirewall is true.
|
| services.firewalld.settings.CleanupModulesOnExit | Whether to unload all firewall-related kernel modules when firewalld stops.
|
| services.prometheus.exporters.php-fpm.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.php-fpm.openFirewall is true.
|
| services.firewalld.extraArgs | Extra arguments to pass to FirewallD.
|
| services.prometheus.exporters.nginx.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nginx.openFirewall is true.
|
| services.prometheus.exporters.redis.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.redis.openFirewall is true.
|
| services.prometheus.exporters.kafka.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.kafka.openFirewall is true.
|
| services.prometheus.exporters.idrac.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.idrac.openFirewall is true.
|
| services.prometheus.exporters.v2ray.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.v2ray.openFirewall is true.
|
| services.prometheus.exporters.jitsi.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.jitsi.openFirewall is true.
|
| services.prometheus.exporters.fritz.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fritz.openFirewall is true.
|
| services.prometheus.exporters.dmarc.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dmarc.openFirewall is true.
|
| services.prometheus.exporters.node-cert.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node-cert.openFirewall is true.
|
| services.pgbouncer.openFirewall | Whether to automatically open the specified TCP port in the firewall.
|
| services.prometheus.exporters.fastly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fastly.openFirewall is true.
|
| services.prometheus.exporters.shelly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.shelly.openFirewall is true.
|
| services.prometheus.exporters.statsd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.statsd.openFirewall is true.
|
| services.prometheus.exporters.domain.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.domain.openFirewall is true.
|
| services.prometheus.exporters.tibber.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tibber.openFirewall is true.
|
| services.prometheus.exporters.rspamd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rspamd.openFirewall is true.
|
| services.prometheus.exporters.deluge.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.deluge.openFirewall is true.
|
| services.prometheus.exporters.chrony.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.chrony.openFirewall is true.
|
| services.prometheus.exporters.pihole.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pihole.openFirewall is true.
|
| services.prometheus.exporters.script.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.script.openFirewall is true.
|
| services.prometheus.exporters.dnssec.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dnssec.openFirewall is true.
|
| services.prometheus.exporters.restic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.restic.openFirewall is true.
|
| services.prometheus.exporters.mysqld.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mysqld.openFirewall is true.
|
| services.prometheus.exporters.sql.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.sql.openFirewall
is true
|
| services.prometheus.exporters.lnd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.lnd.openFirewall
is true
|
| services.prometheus.exporters.frr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.frr.openFirewall
is true
|
| services.prometheus.exporters.zfs.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.zfs.openFirewall
is true
|
| services.prometheus.exporters.nut.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nut.openFirewall
is true
|
| services.prometheus.exporters.kea.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.kea.openFirewall
is true
|
| services.prometheus.exporters.pve.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pve.openFirewall
is true
|
| power.ups.openFirewall | Open ports in the firewall for upsd.
|
| services.prometheus.exporters.mqtt.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mqtt.openFirewall
is true
|
| services.prometheus.exporters.json.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.json.openFirewall
is true
|
| services.prometheus.exporters.flow.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.flow.openFirewall
is true
|
| services.prometheus.exporters.mail.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mail.openFirewall
is true
|
| services.prometheus.exporters.ebpf.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ebpf.openFirewall
is true
|
| services.prometheus.exporters.nats.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nats.openFirewall
is true
|
| services.prometheus.exporters.knot.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.knot.openFirewall
is true
|
| services.prometheus.exporters.bind.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bind.openFirewall
is true
|
| services.prometheus.exporters.bird.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bird.openFirewall
is true
|
| services.prometheus.exporters.node.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.node.openFirewall
is true
|
| services.prometheus.exporters.ipmi.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ipmi.openFirewall
is true
|
| services.prometheus.exporters.ping.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ping.openFirewall
is true
|
| services.prometheus.exporters.snmp.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.snmp.openFirewall
is true
|
| services.prometheus.exporters.nvidia-gpu.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nvidia-gpu.openFirewall is true.
|
| services.firewalld.package | The firewalld package to use.
|
| services.prometheus.exporters.php-fpm.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.php-fpm.openFirewall
is true
|
| services.fail2ban.packageFirewall | The firewall package used by fail2ban service
|
| services.prometheus.exporters.rtl_433.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rtl_433.openFirewall is true.
|
| services.prometheus.exporters.bitcoin.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bitcoin.openFirewall is true.
|
| services.prometheus.exporters.dnsmasq.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dnsmasq.openFirewall is true.
|
| services.prometheus.exporters.unbound.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unbound.openFirewall is true.
|
| services.prometheus.exporters.apcupsd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.apcupsd.openFirewall is true.
|
| services.prometheus.exporters.libvirt.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.libvirt.openFirewall is true.
|
| services.prometheus.exporters.varnish.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.varnish.openFirewall is true.
|
| services.prometheus.exporters.postfix.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.postfix.openFirewall is true.
|
| services.prometheus.exporters.sabnzbd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sabnzbd.openFirewall is true.
|
| services.prometheus.exporters.ecoflow.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ecoflow.openFirewall is true.
|
| services.prometheus.exporters.klipper.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.klipper.openFirewall is true.
|
| services.prometheus.exporters.systemd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.systemd.openFirewall is true.
|
| services.prometheus.exporters.dovecot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dovecot.openFirewall is true.
|
| services.prometheus.exporters.mongodb.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mongodb.openFirewall is true.
|
| services.prometheus.exporters.process.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.process.openFirewall is true.
|
| services.prometheus.exporters.jitsi.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.jitsi.openFirewall
is true
|
| services.prometheus.exporters.redis.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.redis.openFirewall
is true
|
| services.prometheus.exporters.nginx.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nginx.openFirewall
is true
|
| services.prometheus.exporters.idrac.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.idrac.openFirewall
is true
|
| services.prometheus.exporters.kafka.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.kafka.openFirewall
is true
|
| services.prometheus.exporters.v2ray.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.v2ray.openFirewall
is true
|
| services.prometheus.exporters.fritz.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fritz.openFirewall
is true
|
| services.prometheus.exporters.dmarc.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dmarc.openFirewall
is true
|
| services.cloudflare-warp.udpPort | The UDP port to open in the firewall
|
| services.prometheus.exporters.node-cert.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.node-cert.openFirewall
is true
|
| services.ferm.config | Verbatim ferm.conf configuration.
|
| services.gnome.rygel.enable | Whether to enable Rygel UPnP Mediaserver
|
| services.prometheus.exporters.domain.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.domain.openFirewall
is true
|
| services.prometheus.exporters.chrony.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.chrony.openFirewall
is true
|
| services.prometheus.exporters.statsd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.statsd.openFirewall
is true
|
| services.prometheus.exporters.tibber.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.tibber.openFirewall
is true
|
| services.prometheus.exporters.mysqld.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mysqld.openFirewall
is true
|
| services.prometheus.exporters.rspamd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rspamd.openFirewall
is true
|
| services.prometheus.exporters.pihole.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pihole.openFirewall
is true
|
| services.prometheus.exporters.deluge.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.deluge.openFirewall
is true
|
| services.prometheus.exporters.dnssec.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dnssec.openFirewall
is true
|
| services.prometheus.exporters.restic.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.restic.openFirewall
is true
|
| services.prometheus.exporters.script.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.script.openFirewall
is true
|
| services.prometheus.exporters.fastly.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fastly.openFirewall
is true
|
| services.prometheus.exporters.shelly.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.shelly.openFirewall
is true
|
| services.prometheus.exporters.py-air-control.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.py-air-control.openFirewall is true.
|
| services.firewalld.settings.FirewallBackend | The firewall backend implementation
|
| networking.firewall.connectionTrackingModules | List of connection-tracking helpers that are auto-loaded
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| services.prometheus.exporters.mailman3.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mailman3.openFirewall is true.
|
| services.prometheus.exporters.unpoller.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unpoller.openFirewall is true.
|
| services.prometheus.exporters.blackbox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.blackbox.openFirewall is true.
|
| services.prometheus.exporters.influxdb.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.influxdb.openFirewall is true.
|
| services.prometheus.exporters.collectd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.collectd.openFirewall is true.
|
| services.prometheus.exporters.mikrotik.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mikrotik.openFirewall is true.
|
| services.prometheus.exporters.fritzbox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fritzbox.openFirewall is true.
|
| services.prometheus.exporters.graphite.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.graphite.openFirewall is true.
|
| services.prometheus.exporters.nginxlog.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nginxlog.openFirewall is true.
|
| services.prometheus.exporters.postgres.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.postgres.openFirewall is true.
|
| services.prometheus.exporters.keylight.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.keylight.openFirewall is true.
|
| services.prometheus.exporters.opnsense.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.opnsense.openFirewall is true.
|
| services.prometheus.exporters.smartctl.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smartctl.openFirewall is true.
|
| services.prometheus.exporters.nvidia-gpu.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nvidia-gpu.openFirewall
is true
|
| services.prometheus.exporters.rtl_433.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rtl_433.openFirewall
is true
|
| services.prometheus.exporters.apcupsd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.apcupsd.openFirewall
is true
|
| services.prometheus.exporters.unbound.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.unbound.openFirewall
is true
|
| services.prometheus.exporters.varnish.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.varnish.openFirewall
is true
|
| services.prometheus.exporters.ecoflow.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ecoflow.openFirewall
is true
|
| services.prometheus.exporters.bitcoin.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bitcoin.openFirewall
is true
|
| services.prometheus.exporters.dnsmasq.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dnsmasq.openFirewall
is true
|
| services.prometheus.exporters.dovecot.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dovecot.openFirewall
is true
|
| services.prometheus.exporters.libvirt.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.libvirt.openFirewall
is true
|
| services.prometheus.exporters.sabnzbd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.sabnzbd.openFirewall
is true
|
| services.prometheus.exporters.process.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.process.openFirewall
is true
|
| services.prometheus.exporters.systemd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.systemd.openFirewall
is true
|
| services.prometheus.exporters.mongodb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mongodb.openFirewall
is true
|
| services.prometheus.exporters.klipper.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.klipper.openFirewall
is true
|
| services.prometheus.exporters.postfix.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postfix.openFirewall
is true
|
| services.firewalld.settings.IndividualCalls | Whether to use individual -restore calls to apply changes to the firewall
|
| services.prometheus.exporters.imap-mailstat.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.imap-mailstat.openFirewall is true.
|
| services.firewalld.services | firewalld service configuration files
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.prometheus.exporters.nextcloud.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nextcloud.openFirewall is true.
|
| services.prometheus.exporters.surfboard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.surfboard.openFirewall is true.
|
| services.prometheus.exporters.smokeping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smokeping.openFirewall is true.
|
| services.prometheus.exporters.wireguard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.wireguard.openFirewall is true.
|
| services.prometheus.exporters.rasdaemon.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rasdaemon.openFirewall is true.
|
| services.prometheus.exporters.borgmatic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.borgmatic.openFirewall is true.
|
| services.prometheus.exporters.tailscale.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tailscale.openFirewall is true.
|
| services.prometheus.exporters.junos-czerwonk.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.junos-czerwonk.openFirewall is true.
|
| services.prometheus.exporters.py-air-control.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.py-air-control.openFirewall
is true
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| services.irkerd.openPorts | Open ports in the firewall for irkerd
|
| services.prometheus.exporters.mailman3.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mailman3.openFirewall
is true
|
| services.prometheus.exporters.keylight.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.keylight.openFirewall
is true
|
| services.prometheus.exporters.fritzbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fritzbox.openFirewall
is true
|
| services.prometheus.exporters.opnsense.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.opnsense.openFirewall
is true
|
| services.prometheus.exporters.smartctl.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.smartctl.openFirewall
is true
|
| services.prometheus.exporters.mikrotik.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mikrotik.openFirewall
is true
|
| services.prometheus.exporters.influxdb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.influxdb.openFirewall
is true
|
| services.prometheus.exporters.postgres.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postgres.openFirewall
is true
|
| services.prometheus.exporters.nginxlog.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nginxlog.openFirewall
is true
|
| services.prometheus.exporters.unpoller.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.unpoller.openFirewall
is true
|
| services.prometheus.exporters.blackbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.blackbox.openFirewall
is true
|
| services.prometheus.exporters.collectd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.collectd.openFirewall
is true
|
| services.prometheus.exporters.graphite.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.graphite.openFirewall
is true
|
| services.firewalld.settings | FirewallD config file
|
| services.dae.openFirewall.enable | Whether to enable opening port in the firewall.
|
| services.zammad.openPorts | Whether to open firewall ports for Zammad
|
| services.mediatomb.openFirewall | If false (the default), this is up to the user to declare the firewall rules
|
| services.prometheus.exporters.imap-mailstat.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.imap-mailstat.openFirewall
is true
|
| services.prometheus.exporters.buildkite-agent.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.buildkite-agent.openFirewall is true.
|
| services.firewalld.zones.<name>.version | Version of the zone.
|
| services.prometheus.exporters.scaphandre.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.scaphandre.openFirewall is true.
|
| services.prometheus.exporters.storagebox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.storagebox.openFirewall is true.
|
| services.firewalld.packages | Packages providing firewalld zones and other files
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.prometheus.exporters.smokeping.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.smokeping.openFirewall
is true
|
| services.prometheus.exporters.wireguard.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.wireguard.openFirewall
is true
|
| services.prometheus.exporters.nextcloud.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nextcloud.openFirewall
is true
|
| services.prometheus.exporters.borgmatic.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.borgmatic.openFirewall
is true
|
| services.prometheus.exporters.surfboard.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.surfboard.openFirewall
is true
|
| services.prometheus.exporters.rasdaemon.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rasdaemon.openFirewall
is true
|
| services.prometheus.exporters.tailscale.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.tailscale.openFirewall
is true
|
| services.aria2.openPorts | Open listen and RPC ports found in settings.listen-port and
settings.rpc-listen-port options in the firewall.
|
| services.amule.openPeerPorts | Whether to enable open the peer port(s) in the firewall.
|
| services.prometheus.exporters.junos-czerwonk.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.junos-czerwonk.openFirewall
is true
|
| services.prometheus.exporters.exportarr-sonarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-sonarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-lidarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-lidarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-bazarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-bazarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-radarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-radarr.openFirewall is true.
|
| services.firewalld.services.<name>.ports | Ports of the service.
|
| networking.nftables.extraDeletions | Extra deletion commands to be run on every firewall start, reload
and after stopping the firewall.
|
| services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| services.firewalld.zones.<name>.sourcePorts | Source ports to allow in the zone.
|
| services.k3s.serverAddr | The k3s server to connect to
|
| services.dae.openFirewall | Open the firewall port.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.prometheus.exporters.exportarr-readarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-readarr.openFirewall is true.
|
| services.prometheus.exporters.artifactory.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.artifactory.openFirewall is true.
|
| services.prometheus.exporters.buildkite-agent.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.buildkite-agent.openFirewall
is true
|
| services.prometheus.exporters.storagebox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.storagebox.openFirewall
is true
|
| services.prometheus.exporters.scaphandre.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.scaphandre.openFirewall
is true
|
| services.opensnitch.enable | Whether to enable Opensnitch application firewall.
|
| services.firewalld.zones.<name>.sourcePorts.*.port | |
| services.firewalld.services.<name>.ports.*.port | |
| services.prometheus.exporters.exportarr-radarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-radarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-lidarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-lidarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-sonarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-sonarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-bazarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-bazarr.openFirewall
is true
|
| services.qui.openFirewall | Whether or not to open ports in the firewall for qui.
|
| services.prometheus.exporters.exportarr-prowlarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-prowlarr.openFirewall is true.
|
| services.firewalld.zones.<name>.forwardPorts | Ports to forward in the zone.
|
| services.firewalld.zones.<name>.sources.*.ipset | An ipset.
|
| services.miredo.bindPort | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.n8n.openFirewall | Open ports in the firewall for the n8n web interface.
|
| services.prometheus.exporters.exportarr-readarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-readarr.openFirewall
is true
|
| services.prometheus.exporters.artifactory.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.artifactory.openFirewall
is true
|
| services.prometheus.exporters.modemmanager.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.modemmanager.openFirewall is true.
|
| services.tor.openFirewall | Whether to enable opening of the relay port(s) in the firewall.
|
| services.send.openFirewall | Whether to open firewall ports for send
|
| services.plex.openFirewall | Open ports in the firewall for the media server.
|
| services.firewalld.zones.<name>.forwardPorts.*.port | |
| services.firewalld.services.<name>.version | Version of the service.
|
| services.firewalld.services.<name>.helpers | Helpers for the service.
|
| services.nfs.server.statdPort | Use a fixed port for rpc.statd
|
| services.nbd.server.listenPort | Port to listen on
|
| services.ombi.openFirewall | Open ports in the firewall for the Ombi web interface.
|
| services.xrdp.openFirewall | Whether to open the firewall for the specified RDP port.
|
| services.firewalld.zones.<name>.forward | Whether to enable intra-zone forwarding
|
| services.node-red.openFirewall | Open ports in the firewall for the server.
|
| services.firewalld.zones.<name>.forwardPorts.*.to-port | |
| services.prometheus.exporters.exportarr-prowlarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-prowlarr.openFirewall
is true
|
| services.firewalld.zones.<name>.ports.*.protocol | |
| services.croc.openFirewall | Whether to enable opening of the peer port(s) in the firewall.
|
| services.ergo.openFirewall | Open ports in the firewall for the Ergo node as well as the API.
|
| services.plikd.openFirewall | Open ports in the firewall for the plikd.
|
| services.omnom.openFirewall | Whether to open ports in the firewall.
|
| services.snmpd.openFirewall | Open port in firewall for snmpd.
|
| services.firewalld.zones.<name>.protocols | Protocols to allow in the zone.
|
| services.firewalld.services.<name>.sourcePorts | Source ports for the service.
|
| services.firewalld.zones.<name>.forwardPorts.*.to-addr | Destination IP address.
|
| programs.sharing.enable | Whether to enable sharing, a CLI tool for sharing files
|
| services.prometheus.exporters.modemmanager.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.modemmanager.openFirewall
is true
|
| services.nfs.server.mountdPort | Use fixed port for rpc.mountd, useful if server is behind firewall.
|
| services.tika.openFirewall | Whether to open the firewall for Apache Tika
|
| services.atuin.openFirewall | Open ports in the firewall for the atuin server.
|
| services.memos.openFirewall | Whether to enable opening the ports in the firewall.
|
| services.firewalld.settings.RFC3964_IPv4 | Whether to filter IPv6 traffic with 6to4 destination addresses that correspond to IPv4 addresses that should not be routed over the public internet.
|
| services.firewalld.settings.DefaultZone | Default zone for connections.
|
| services.znc.openFirewall | Whether to open ports in the firewall for ZNC
|
| services.netbird.server.coturn.enable | Whether to enable a Coturn server for Netbird, will also open the firewall on the configured range.
|
| services.cook-cli.openFirewall | Whether to open the cook-cli server port in the firewall.
|
| services.flood.openFirewall | Whether to open the firewall for the port in services.flood.port.
|
| services.komga.openFirewall | Whether to open the firewall for the port in services.komga.settings.server.port.
|
| services.gatus.openFirewall | Whether to open the firewall for the Gatus web interface.
|
| services.paisa.openFirewall | Open ports in the firewall for the Paisa web server.
|
| services.stash.openFirewall | Open ports in the firewall for the Stash web interface.
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| services.firewalld.services.<name>.sourcePorts.*.port | |
| boot.initrd.network.ifstate.cleanupSettings | Content of IfState's initrd cleanup configuration file
|
| services.firewalld.settings.ReloadPolicy | The policy during reload.
|
| services.firewalld.services.<name>.includes | Services to include for the service.
|
| services.karma.openFirewall | Whether to open ports in the firewall needed for karma to function.
|
| services.rqbit.openFirewall | Whether to enable opening of the HTTP and Peer ports in the firewall.
|
| services.shoko.openFirewall | Open ports in the firewall for the ShokoAnime api and web interface.
|
| services.samba.openFirewall | Whether to enable opening the default ports in the firewall for Samba.
|
| services.wivrn.openFirewall | Whether to enable the default ports in the firewall for the WiVRn server.
|
| programs.mosh.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.nix-serve.openFirewall | Open ports in the firewall for nix-serve.
|
| services.iperf3.openFirewall | Open ports in the firewall for iperf3.
|
| networking.nat.enable | Whether to enable Network Address Translation (NAT)
|
| services.firewalld.settings.FlushAllOnReload | Whether to flush all runtime rules on a reload.
|
| services.nfs.server.lockdPort | Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr)
|
| services.llama-cpp.openFirewall | Open ports in the firewall for LLaMA C++ server.
|
| services.lidarr.openFirewall | Open ports in the firewall for Lidarr
|
| programs.alvr.openFirewall | Whether to open the default ports in the firewall for the ALVR server.
|
| services.firewalld.zones.<name>.egressPriority | Priority for outbound traffic
|
| services.actual.openFirewall | Whether to open the firewall for the specified port.
|
| services.immich.openFirewall | Whether to open the immich port in the firewall
|
| services.firewalld.zones.<name>.interfaces | Interfaces to bind.
|
| services.slskd.openFirewall | Whether to open the firewall for the soulseek network listen port (not the web interface port).
|
| services.deconz.openFirewall | Whether to enable opening up the service ports in the firewall.
|
| services.bazarr.openFirewall | Open ports in the firewall for the bazarr web interface.
|
| services.porn-vault.openFirewall | Whether to open the Porn-Vault port in the firewall.
|
| services.sonarr.openFirewall | Open ports in the firewall for the Sonarr web interface
|
| services.nitter.openFirewall | Open ports in the firewall for Nitter web interface.
|
| services.radarr.openFirewall | Open ports in the firewall for the Radarr web interface.
|
| services.redlib.openFirewall | Open ports in the firewall for the redlib web interface
|
| services.firewalld.zones.<name>.masquerade | Whether to enable masquerading in the zone.
|
| services.etcd.openFirewall | Open etcd ports in the firewall
|
| services.firewalld.services.<name>.ports.*.protocol | |
| services.firewalld.services.<name>.protocols | Protocols for the service.
|
| services.glance.openFirewall | Whether to open the firewall for Glance
|
| services.ollama.openFirewall | Whether to open the firewall for ollama
|
| services.murmur.openFirewall | Whether to enable opening ports in the firewall for the Mumble server.
|
| services.firewalld.zones.<name>.sourcePorts.*.protocol | |
| services.firewalld.settings.LogDenied | Add logging rules right before reject and drop rules in the INPUT, FORWARD and OUTPUT chains for the default rules and also final reject and drop rules in zones for the configured link-layer packet type.
|
| services.veilid.openFirewall | Whether to open firewall on ports 5150/tcp, 5150/udp
|
| services.meme-bingo-web.openFirewall | Whether to enable Opens the specified port in the firewall.
.
|
| services.openarena.openPorts | Whether to open firewall ports for OpenArena
|
| services.teeworlds.openPorts | Whether to open firewall ports for Teeworlds.
|
| services.roon-server.openFirewall | Open ports in the firewall for the server.
|
| services.roon-bridge.openFirewall | Open ports in the firewall for the bridge.
|
| services.firewalld.zones.<name>.ingressPriority | Priority for inbound traffic
|
| services.mpd.openFirewall | Open ports in the firewall for mpd
|
| services.miredo.bindAddress | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.avahi.openFirewall | Whether to open the firewall for UDP port 5353
|
| services.open-webui.openFirewall | Whether to open the firewall for Open-WebUI
|
| services.mchprs.openFirewall | Whether to open ports in the firewall for the server
|
| services.corteza.openFirewall | Whether to open ports in the firewall.
|
| services.glances.openFirewall | Open port in the firewall for glances.
|
| services.grafana.openFirewall | Open the ports in the firewall for the server.
|
| services.polaris.openFirewall | Open the configured port in the firewall.
|
| services.readarr.openFirewall | Open ports in the firewall for Readarr
|
| services.screego.openFirewall | Open the firewall port(s).
|
| services.llama-swap.openFirewall | Whether to open the firewall for llama-swap
|
| services.deluge.web.openFirewall | Open ports in the firewall for deluge web daemon
|
| services.esphome.openFirewall | Whether to open the firewall for the specified port.
|
| services.livekit.openFirewall | Opens port range for LiveKit on the firewall.
|
| services.marytts.openFirewall | Whether to open the port in the firewall for MaryTTS.
|
| services.pgadmin.openFirewall | Whether to enable firewall passthrough for pgadmin4.
|
| services.owncast.openFirewall | Open the appropriate ports in the firewall for owncast.
|
| services.vmagent.openFirewall | Whether to open the firewall for the default ports.
|
| services.vlagent.openFirewall | Whether to open the firewall for the default ports.
|
| services.firewalld.zones.<name>.forwardPorts.*.protocol | |
| services.pihole-ftl.openFirewallDNS | Open ports in the firewall for pihole-FTL's DNS server.
|
| services.firewalld.zones.<name>.description | Description for the zone.
|
| services.autobrr.openFirewall | Open ports in the firewall for the Autobrr web interface.
|
| services.jackett.openFirewall | Open ports in the firewall for the Jackett web interface.
|
| services.biboumi.openFirewall | Whether to enable opening of the identd port in the firewall.
|
| services.sharkey.openFirewall | Whether to open ports in the NixOS firewall for Sharkey.
|
| services.openssh.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.umurmur.openFirewall | Open ports in the firewall for the uMurmur Mumble server.
|
| services.serviio.openFirewall | Open ports in the firewall for the Serviio Media Server.
|
| services.sabnzbd.openFirewall | Open ports in the firewall for the sabnzbd web interface
|
| services.pdfding.openFirewall | Open ports in the firewall for the PdfDing web interface.
|
| services.zitadel.openFirewall | Whether to open the port specified in listenPort in the firewall.
|
| services.xonotic.openFirewall | Open the firewall for TCP and UDP on the specified port.
|
| services.uptermd.openFirewall | Whether to open the firewall for the port in services.uptermd.port.
|
| services.calibre-web.openFirewall | Open ports in the firewall for the server.
|
| services.freeciv.openFirewall | Whether to enable opening the firewall for the port listening for clients.
|
| services.kthxbye.openFirewall | Whether to open ports in the firewall needed for the daemon to function.
|
| services.orthanc.openFirewall | Whether to open the firewall for Orthanc
|
| services.litellm.openFirewall | Whether to open the firewall for LiteLLM
|
| services.firewalld.zones.<name>.icmpBlockInversion | Whether to invert the icmp block handling
|
| services.etesync-dav.openFirewall | Whether to open the firewall for the specified port.
|
| services.zabbixAgent.openFirewall | Open ports in the firewall for the Zabbix Agent.
|
| services.zabbixProxy.openFirewall | Open ports in the firewall for the Zabbix Proxy.
|
| services.cassandra.jmxPort | Specifies the default port over which Cassandra will be available for
JMX connections
|
| services.pihole-ftl.openFirewallDHCP | Open ports in the firewall for pihole-FTL's DHCP server.
|
| services.firewalld.zones.<name>.sources.*.address | An IP address or a network IP address with a mask for IPv4 or IPv6
|
| services.immich-kiosk.openFirewall | Whether to open the firewall for the immich-kiosk port.
|
| services.haste-server.openFirewall | Whether to enable firewall passthrough for haste-server.
|
| services.anki-sync-server.openFirewall | Whether to open the firewall for the specified port.
|
| services.quake3-server.openFirewall | Open the firewall.
|
| networking.wireguard.interfaces.<name>.fwMark | Mark all wireguard packets originating from
this interface with the given firewall mark
|
| services.firewalld.services.<name>.sourcePorts.*.protocol | |
| services.public-inbox.openFirewall | Whether to enable opening the firewall when using a port option.
|
| services.druid.broker.openFirewall | Open firewall ports for Druid Broker.
|
| services.druid.router.openFirewall | Open firewall ports for Druid Router.
|
| services.mycelium.openFirewall | Open the firewall for mycelium
|
| services.devpi-server.openFirewall | Whether to enable opening the default ports in the firewall for Devpi Server.
|
| services.beszel.agent.openFirewall | Whether to open the firewall port (default 45876).
|
| services.tmate-ssh-server.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.matter-server.openFirewall | Whether to open the port in the firewall.
|
| services.terraria.openFirewall | Whether to open ports in the firewall
|
| services.metabase.openFirewall | Open ports in the firewall for Metabase.
|
| services.tautulli.openFirewall | Open ports in the firewall for Tautulli.
|
| services.unifi.openFirewall | Whether or not to open the minimum required ports on the firewall
|
| services.vwifi.server.openFirewall | Whether to enable opening the firewall for the TCP and spy ports.
|
| services.hardware.lcd.server.openPorts | Open the ports in the firewall
|
| services.ersatztv.openFirewall | Open the default ports in the firewall for the server.
|
| services.spoolman.openFirewall | Open the appropriate ports in the firewall for spoolman.
|
| services.sunshine.openFirewall | Whether to automatically open ports in the firewall.
|
| services.zabbixServer.openFirewall | Open ports in the firewall for the Zabbix Server.
|
| services.caddy.openFirewall | Whether to enable opening the specified http(s) ports in the firewall
|
| services.radicle.node.openFirewall | Whether to enable opening the firewall for radicle-node.
|
| services.gemstash.openFirewall | Whether to open the firewall for the port in services.gemstash.bind.
|
| services.endlessh.openFirewall | Whether to open a firewall port for the SSH listener.
|
| services.rtorrent.openFirewall | Whether to open the firewall for the port in services.rtorrent.port.
|
| services.prowlarr.openFirewall | Open ports in the firewall for the Prowlarr web interface.
|
| services.whisparr.openFirewall | Open ports in the firewall for the Whisparr web interface.
|
| services.firewalld.services.<name>.destination | Destinations for the service.
|
| services.firewalld.services.<name>.description | Description for the service.
|
| services.chromadb.openFirewall | Whether to automatically open the specified TCP port in the firewall.
|
| services.factorio.openFirewall | Whether to automatically open the specified UDP port in the firewall.
|
| services.scrutiny.openFirewall | Whether to enable opening the default ports in the firewall for Scrutiny.
|
| services.endlessh-go.openFirewall | Whether to open a firewall port for the SSH listener.
|
| services.printing.openFirewall | Whether to open the firewall for TCP ports specified in
listenAddresses option.
|
| services.pingvin-share.openFirewall | Whether to open the firewall for the port in services.pingvin-share.frontend.port.
|
| services.firewalld.settings.NftablesCounters | Whether to add a counter to every nftables rule.
|
| services.eternal-terminal.port | The port the server should listen on
|
| services.webhook.openFirewall | Open the configured port in the firewall for external ingress traffic
|
| services.prometheus.exporters.pgbouncer.openFirewall | Open port in firewall for incoming connections.
|
| services.minidlna.openFirewall | Whether to enable opening HTTP (TCP) and SSDP (UDP) ports in the firewall.
|
| services.stalwart.openFirewall | Whether to open TCP firewall ports, which are specified in
services.stalwart.settings.server.listener on all interfaces.
|
| services.hadoop.hbase.rest.openFirewall | Open firewall ports for HBase rest.
|
| services.docling-serve.openFirewall | Whether to open the firewall for Docling Serve
|
| services.etebase-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.libeufin.bank.openFirewall | Whether to open ports in the firewall
|
| services.firewalld.services.<name>.destination.ipv4 | IPv4 destination.
|
| services.firewalld.services.<name>.destination.ipv6 | IPv6 destination.
|
| services.librechat.openFirewall | Whether to open the port in the firewall.
|
| services.bitmagnet.openFirewall | Open DHT ports in firewall
|
| services.octoprint.openFirewall | Open ports in the firewall for OctoPrint.
|
| services.firewalld.settings.NftablesTableOwner | If enabled, the generated nftables rule set will be owned exclusively by firewalld
|
| services.zapret.params | Specify the bypass parameters for Zapret binary
|
| services.netbird.server.coturn.openPorts | The list of ports used by coturn for listening to open in the firewall.
|
| services.calibre-server.openFirewall | Open ports in the firewall for the Calibre Server web interface.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.nzbhydra2.openFirewall | Open ports in the firewall for the NZBHydra2 web interface.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.immich-public-proxy.openFirewall | Whether to open the IPP port in the firewall
|
| services.tailscale.openFirewall | Whether to open the firewall for the specified port.
|
| services.navidrome.openFirewall | Whether to open the TCP port in the firewall
|
| programs.envision.openFirewall | Whether to enable the default ports in the firewall for the WiVRn server.
|
| services.hadoop.hdfs.httpfs.openFirewall | Open firewall ports for HDFS JournalNode.
|
| services.saunafs.master.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.lanraragi.openFirewall | Open ports in the firewall for LANraragi's web interface.
|
| services.pinchflat.openFirewall | Open ports in the firewall for the Pinchflat web interface
|
| services.overseerr.openFirewall | Open a port in the firewall for the Overseerr web interface.
|
| services.libeufin.nexus.openFirewall | Whether to open ports in the firewall
|
| services.taler.exchange.openFirewall | Whether to open ports in the firewall
|
| services.taler.merchant.openFirewall | Whether to open ports in the firewall
|
| programs.steam.remotePlay.openFirewall | Open ports in the firewall for Steam Remote Play.
|
| services.pangolin.openFirewall | Whether to enable opening TCP ports 80 and 443, and UDP port 51820 in the firewall for the Pangolin service(s).
|
| services.stalwart-mail.openFirewall | Whether to open TCP firewall ports, which are specified in
services.stalwart-mail.settings.server.listener on all interfaces.
|
| services.blendfarm.openFirewall | Whether to enable allowing blendfarm network access through the firewall.
|
| services.druid.overlord.openFirewall | Open firewall ports for Druid Overlord.
|
| services.local-content-share.openFirewall | Whether to automatically open the specified port in the firewall
|
| services.moosefs.master.openFirewall | Whether to automatically open required firewall ports for master service.
|
| services.cockroachdb.openPorts | Open firewall ports for cluster communication by default
|
| services.dockerRegistry.openFirewall | Opens the port used by the firewall.
|
| services.hadoop.hbase.thrift.openFirewall | Open firewall ports for HBase thrift.
|
| services.hadoop.hbase.master.openFirewall | Open firewall ports for HBase master.
|
| services.firewalld.settings.StrictForwardPorts | If enabled, the generated destination NAT (DNAT) rules will NOT accept traffic that was DNAT'd by other entities, e.g. docker
|
| services.shairport-sync.openFirewall | Whether to automatically open ports in the firewall.
|
| services.home-assistant.openFirewall | Whether to open the firewall for the specified port.
|
| services.deluge.openFirewall | Whether to open the firewall for the ports in
services.deluge.config.listen_ports
|
| services.portunus.ldap.tls | Whether to enable LDAPS protocol
|
| services.pixiecore.openFirewall | Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.
|
| services.suwayomi-server.openFirewall | Whether to open the firewall for the port in services.suwayomi-server.settings.server.port.
|
| services.opensnitch.rules | Declarative configuration of firewall rules
|
| services.icecream.daemon.openFirewall | Whether to automatically open receive port in the firewall.
|
| services.druid.middleManager.openFirewall | Open firewall ports for Druid middleManager.
|
| services.teamspeak3.openFirewall | Open ports in the firewall for the TeamSpeak3 server.
|
| services.zoneminder.openFirewall | Open the firewall port(s).
|
| services.jellyfin.openFirewall | Open the default ports in the firewall for the media server
|
| services.fedimintd.<name>.ui.openFirewall | Opens TCP port in firewall for built-in UI
|
| services.livekit.ingress.openFirewall.rtc | Open WebRTC ports in the firewall.
|
| services.beanstalkd.openFirewall | Whether to open ports in the firewall for the server.
|
| services.linkwarden.openFirewall | Whether to open the Linkwarden port in the firewall
|
| programs.localsend.openFirewall | Whether to enable opening the firewall port 53317 for receiving files.
|
| services.firewalld.settings.NftablesFlowtable | This may improve forwarded traffic throughput by enabling nftables flowtable
|
| services.broadcast-box.openFirewall | Whether to enable opening WebRTC traffic ports in the firewall
|
| services.fedimintd.<name>.api.openFirewall | Opens port in firewall for fedimintd's api port
|
| services.jellyseerr.openFirewall | Open port in the firewall for the Jellyseerr web interface.
|
| services.lubelogger.openFirewall | Open ports in the firewall for the LubeLogger web interface.
|
| services.snapserver.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.szurubooru.openFirewall | Whether to open the firewall for the port in services.szurubooru.server.port.
|
| services.taskserver.openFirewall | Whether to open the firewall for the specified Taskserver port.
|
| services.wgautomesh.openFirewall | Automatically open gossip port in firewall (recommended).
|
| services.homebridge.openFirewall | Open ports in the firewall for the Homebridge web interface and service.
|
| services.keepalived.openFirewall | Whether to automatically allow VRRP and AH packets in the firewall.
|
| services.lasuite-meet.livekit.openFirewall | Whether to enable Open firewall ports for livekit.
|
| services.livekit.ingress.openFirewall.rtmp | Open RTMP port in the firewall.
|
| services.livekit.ingress.openFirewall.whip | Open WHIP port in the firewall.
|
| services.fedimintd.<name>.p2p.openFirewall | Opens port in firewall for fedimintd's p2p port (both TCP and UDP)
|
| services.crossfire-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.minecraft-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.hadoop.hdfs.datanode.openFirewall | Open firewall ports for HDFS DataNode.
|
| services.hadoop.hdfs.namenode.openFirewall | Open firewall ports for HDFS NameNode.
|
| services.transmission.openRPCPort | Whether to enable opening of the RPC port in the firewall.
|
| services.broadcast-box.web.openFirewall | Whether to enable opening the HTTP server port and, if enabled, the HTTPS redirect server
port in the firewall.
.
|
| services.gotosocial.openFirewall | Open the configured port in the firewall
|
| services.reposilite.openFirewall | Whether to open the firewall ports for Reposilite
|
| services.pulseaudio.tcp.openFirewall | Whether to enable Open firewall for the specified port.
|
| services.cloudflare-warp.openFirewall | Whether to enable opening UDP ports in the firewall.
|
| services.icecream.daemon.openBroadcast | Whether to automatically open the firewall for scheduler discovery.
|
| services.hadoop.hbase.regionServer.openFirewall | Open firewall ports for HBase regionServer.
|
| services.pihole-ftl.openFirewallWebserver | Open ports in the firewall for pihole-FTL's webserver, as configured in settings.webserver.port.
|
| services.reaction.runAsRoot | Whether to run reaction as root
|
| services.zapret.configureFirewall | Whether to setup firewall routing so that system http(s) traffic is forwarded via this service
|
| services.druid.historical.openFirewall | Open firewall ports for Druid Historical.
|
| services.mirakurun.openFirewall | Open ports in the firewall for Mirakurun.
Exposing Mirakurun to the open internet is generally advised
against
|
| services.transmission.openPeerPorts | Whether to enable opening of the peer port(s) in the firewall.
|
| services.filebrowser.openFirewall | Whether to enable opening firewall ports for FileBrowser.
|
| services.spacecookie.openFirewall | Whether to open the necessary port in the firewall for spacecookie.
|
| services.fedimintd.<name>.api_ws.openFirewall | Opens TCP port in firewall for fedimintd's Websocket API
|
| services.qbittorrent.openFirewall | Whether to enable opening both the webuiPort and torrentPort over TCP in the firewall.
|
| services.lighthouse.beacon.openFirewall | Open the port in the firewall
|
| programs.ausweisapp.openFirewall | Whether to open the required firewall ports for the Smartphone as Card Reader (SaC) functionality of AusweisApp.
|
| services.netbird.clients.<name>.openFirewall | Opens up firewall port for communication between NetBird peers directly over LAN or public IP,
without using (internet-hosted) TURN servers as intermediaries.
|
| services.netbird.tunnels.<name>.openFirewall | Opens up firewall port for communication between NetBird peers directly over LAN or public IP,
without using (internet-hosted) TURN servers as intermediaries.
|
| services.tailscale.derper.openFirewall | Whether to open the firewall for the specified port
|
| services.homepage-dashboard.openFirewall | Open ports in the firewall for Homepage.
|
| services.jitsi-videobridge.openFirewall | Whether to open ports in the firewall for the videobridge.
|
| services.adguardhome.openFirewall | Open ports in the firewall for the AdGuard Home web interface
|
| services.opensnitch.settings.Rules.Path | Path to the directory where firewall rules can be found and will
get stored by the NixOS module.
|
| services.icecream.scheduler.openFirewall | Whether to automatically open the daemon port in the firewall.
|
| services.silverbullet.openFirewall | Open port in the firewall.
|
| services.druid.coordinator.openFirewall | Open firewall ports for Druid Coordinator.
|
| services.flaresolverr.openFirewall | Open the port in the firewall for FlareSolverr.
|
| services.opensnitch.settings.Firewall | Which firewall backend to use.
|
| services.firewalld.settings.IPv6_rpfilter | Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704
|
| services.photonvision.openFirewall | Whether to open the required ports in the firewall.
|
| services.epgstation.openFirewall | Open ports in the firewall for the EPGStation web interface.
Exposing EPGStation to the open internet is generally advised
against
|
| programs.steam.dedicatedServer.openFirewall | Open ports in the firewall for Source Dedicated Server.
|
| services.teamspeak3.openFirewallServerQuery | Open ports in the firewall for the TeamSpeak3 serverquery (administration) system
|
| services.cassandra.rpcAddress | The address or interface to bind the native transport server to
|
| services.syncthing.openDefaultPorts | Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers
and UDP 21027 for discovery
|
| services.fedimintd.<name>.api_iroh.openFirewall | Opens UDP port in firewall for fedimintd's API Iroh endpoint
|
| services.foundationdb.openFirewall | Open the firewall ports corresponding to FoundationDB processes and coordinators
using config.networking.firewall.*.
|
| services.netbird.tunnels.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| services.netbird.clients.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| services.kubernetes.flannel.openFirewallPorts | Whether to open the Flannel UDP ports in the firewall on all interfaces.
|
| services.hadoop.hdfs.journalnode.openFirewall | Open firewall ports for HDFS JournalNode.
|
| services.saunafs.chunkserver.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.moosefs.chunkserver.openFirewall | Whether to automatically open required firewall ports for chunkserver service.
|
| services.torrentstream.openFirewall | Open ports in the firewall for TorrentStream daemon.
|
| services.technitium-dns-server.openFirewall | Whether to open ports in the firewall
|
| networking.nftables.enable | Whether to enable nftables and use nftables based firewall if enabled.
nftables is a Linux-based packet filtering framework intended to
replace frameworks like iptables
|
| services.prometheus.exporters.sql.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.zfs.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.pve.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.lnd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nut.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.frr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.kea.openFirewall | Open port in firewall for incoming connections.
|
| services.taskchampion-sync-server.openFirewall | Whether to enable Open firewall port for taskchampion-sync-server.
|
| services.prometheus.exporters.ipmi.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.knot.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bind.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mail.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bird.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.flow.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.php-fpm.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ebpf.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mqtt.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nats.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.snmp.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ping.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.json.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.node.openFirewall | Open port in firewall for incoming connections.
|
| services.hadoop.yarn.nodemanager.openFirewall | Open firewall ports for nodemanager
|
| programs.steam.localNetworkGameTransfers.openFirewall | Open ports in the firewall for Steam Local Network Game Transfers.
|
| services.prometheus.exporters.dmarc.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.v2ray.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.idrac.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.kafka.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nginx.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.jitsi.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.redis.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.fritz.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.node-cert.openFirewall | Open port in firewall for incoming connections.
|
| services.audiobookshelf.openFirewall | Open ports in the firewall for the Audiobookshelf web interface.
|
| services.prometheus.exporters.fastly.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.statsd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.rspamd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.tibber.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.script.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.domain.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dnssec.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.deluge.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mysqld.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.restic.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.chrony.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.pihole.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.shelly.openFirewall | Open port in firewall for incoming connections.
|
| services.librenms.useDistributedPollers | Enables distributed pollers
for this LibreNMS instance
|
| services.prometheus.exporters.nvidia-gpu.openFirewall | Open port in firewall for incoming connections.
|
| services.openssh.listenAddresses | List of addresses and ports to listen on (ListenAddress directive
in config)
|
| services.prometheus.exporters.rtl_433.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.systemd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.klipper.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dovecot.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.postfix.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.varnish.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.libvirt.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bitcoin.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.process.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.apcupsd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mongodb.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.sabnzbd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dnsmasq.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.unbound.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ecoflow.openFirewall | Open port in firewall for incoming connections.
|
| virtualisation.forwardPorts | When using the SLiRP user networking (default), this option allows to
forward ports to/from the host/guest.
If the NixOS firewall on the virtual machine is enabled, you also
have to open the guest ports to enable the traffic between host and
guest.
Currently QEMU supports only IPv4 forwarding.
|
| services.prometheus.exporters.py-air-control.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mailman3.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.unpoller.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.keylight.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.collectd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nginxlog.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mikrotik.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.influxdb.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.graphite.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.smartctl.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.postgres.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.fritzbox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.blackbox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.opnsense.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.alertmanager.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.imap-mailstat.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.rasdaemon.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.wireguard.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nextcloud.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.borgmatic.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.smokeping.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.junos-czerwonk.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.surfboard.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.tailscale.openFirewall | Open port in firewall for incoming connections.
|
| networking.interfaces.<name>.proxyARP | Turn on proxy_arp for this device
|
| services.prometheus.alertmanagerGotify.openFirewall | Opens the bridge port in the firewall.
|
| virtualisation.podman.networkSocket.openFirewall | Whether to open the port in the firewall.
|
| services.prometheus.exporters.buildkite-agent.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.storagebox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.scaphandre.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-radarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-lidarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-bazarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-sonarr.openFirewall | Open port in firewall for incoming connections.
|
| services.hadoop.yarn.resourcemanager.openFirewall | Open firewall ports for resourcemanager
|
| services.prometheus.exporters.exportarr-readarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.artifactory.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-prowlarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.modemmanager.openFirewall | Open port in firewall for incoming connections.
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|