| services.crowdsec-firewall-bouncer.secrets.apiKeyPath | Path to the API key to authenticate with a local CrowdSec API
|
| services.crowdsec-firewall-bouncer.settings.api_key | API key to authenticate with a local crowdsec API
|
| services.crowdsec-firewall-bouncer.registerBouncer.enable | Whether to automatically register the bouncer to the locally running
crowdsec service
|
| services.crowdsec.openFirewall | Whether to automatically open firewall ports for crowdsec.
|
| services.crowdsec.user | The user to run crowdsec as
|
| services.crowdsec.hub | Hub collections, parsers, AppSec rules, etc.
|
| services.crowdsec.name | Name of the machine when registering it at the central or local api.
|
| services.crowdsec.group | The group to run crowdsec as
|
| services.crowdsec-firewall-bouncer.enable | Whether to enable CrowdSec Firewall Bouncer.
|
| services.crowdsec-firewall-bouncer.package | The crowdsec-firewall-bouncer package to use.
|
| services.crowdsec-firewall-bouncer.settings.api_url | URL of the local API.
|
| services.crowdsec.enable | Whether to enable CrowdSec Security Engine.
|
| services.crowdsec-firewall-bouncer.settings | Settings for the main CrowdSec Firewall Bouncer
|
| services.crowdsec-firewall-bouncer.settings.mode | Firewall mode to use.
|
| services.crowdsec.package | The crowdsec package to use.
|
| services.crowdsec.localConfig | The configuration for a crowdsec security engine.
|
| services.crowdsec.settings | Set of various configuration attributes
|
| services.crowdsec-firewall-bouncer.createRulesets | Whether to have the module create the appropriate firewall configuration
based on the bouncer settings
|
| services.crowdsec-firewall-bouncer.registerBouncer.bouncerName | Name to register the bouncer as to the CrowdSec API
|
| services.crowdsec.autoUpdateService | Whether to enable if true cscli hub update will be executed daily
|
| nix.firewall.enable | Whether to enable firewalling for outgoing traffic of the nix daemon.
|
| nix.firewall.allowNonTCPUDP | Whether to allow traffic that is neither TCP nor UDP
|
| networking.firewall.enable | Whether to enable the firewall
|
| nix.firewall.allowedTCPPorts | TCP ports to which traffic is allowed
|
| nix.firewall.allowedUDPPorts | UDP ports to which traffic is allowed
|
| networking.firewall.extraReversePathFilterRules | Additional nftables rules to be appended to the rpfilter-allow
chain
|
| networking.firewall.pingLimit | If pings are allowed, this allows setting rate limits on them
|
| networking.firewall.extraCommands | Additional shell commands executed as part of the firewall
initialisation script
|
| networking.firewall.logReversePathDrops | Logs dropped packets failing the reverse path filter test if
the option networking.firewall.checkReversePath is enabled.
|
| networking.firewall.checkReversePath | Performs a reverse path filter test on a packet
|
| networking.firewall.backend | Underlying implementation for the firewall service.
|
| nix.firewall.allowLoopback | Whether to allow traffic on the loopback interface
|
| networking.firewall.package | The package to use for running the firewall service.
|
| nix.firewall.extraNftablesRules | Extra nftables rules to prepend to the generated ones
|
| services.nebula.networks.<name>.firewall.inbound | Firewall rules for inbound traffic.
|
| networking.firewall.extraInputRules | Additional nftables rules to be appended to the input-allow
chain
|
| services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| networking.firewall.extraStopCommands | Additional shell commands executed as part of the firewall
shutdown script
|
| services.ferm.enable | Whether to enable Ferm Firewall.
Warning: Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| networking.firewall.filterForward | Enable filtering in IP forwarding
|
| networking.firewall.extraForwardRules | Additional nftables rules to be appended to the forward-allow
chain
|
| nix.firewall.allowPrivateNetworks | Whether to allow traffic to local networks
|
| networking.firewall.allowPing | Whether to respond to incoming ICMPv4 echo requests
("pings")
|
| networking.firewall.allowedUDPPorts | List of open UDP ports.
|
| networking.firewall.allowedTCPPorts | List of TCP ports on which incoming connections are
accepted.
|
| services.prometheus.exporters.pgbouncer.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pgbouncer.openFirewall is true.
|
| services.technitium-dns-server.firewallUDPPorts | List of UDP ports to open in firewall.
|
| services.prometheus.exporters.pgbouncer.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pgbouncer.openFirewall
is true
|
| networking.firewall.extraPackages | Additional packages to be included in the environment of the system
as well as the path of networking.firewall.extraCommands.
|
| networking.firewall.allowedUDPPortRanges | Range of open UDP ports.
|
| services.technitium-dns-server.firewallTCPPorts | List of TCP ports to open in firewall
|
| networking.firewall.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| networking.firewall.interfaces | Interface-specific open ports.
|
| services.shorewall.enable | Whether to enable Shorewall IPv4 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| networking.firewall.rejectPackets | If set, refused packets are rejected rather than dropped
(ignored)
|
| networking.firewall.logRefusedPackets | Whether to log all rejected or dropped incoming packets
|
| networking.firewall.logRefusedUnicastsOnly | If networking.firewall.logRefusedPackets
and this option are enabled, then only log packets
specifically directed at this machine, i.e., not broadcasts
or multicasts.
|
| services.shorewall6.enable | Whether to enable Shorewall IPv6 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| networking.firewall.autoLoadConntrackHelpers | Whether to auto-load connection-tracking helpers
|
| networking.firewall.trustedInterfaces | Traffic coming in from these interfaces will be accepted
unconditionally
|
| services.firewalld.settings.CleanupOnExit | Whether to clean up firewall rules when firewalld stops.
|
| services.samba-wsdd.openFirewall | Whether to open the required firewall ports in the firewall.
|
| networking.firewall.interfaces.<name>.allowedUDPPorts | List of open UDP ports.
|
| networking.firewall.interfaces.<name>.allowedTCPPorts | List of TCP ports on which incoming connections are
accepted.
|
| services.firewalld.zones | firewalld zone configuration files
|
| services.prometheus.exporters.nut.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nut.openFirewall is true.
|
| services.prometheus.exporters.lnd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.lnd.openFirewall is true.
|
| services.prometheus.exporters.sql.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sql.openFirewall is true.
|
| services.prometheus.exporters.frr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.frr.openFirewall is true.
|
| services.prometheus.exporters.pve.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pve.openFirewall is true.
|
| services.prometheus.exporters.zfs.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.zfs.openFirewall is true.
|
| services.prometheus.exporters.kea.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.kea.openFirewall is true.
|
| networking.firewall.logRefusedConnections | Whether to log rejected or dropped incoming connections
|
| services.firewalld.enable | Whether to enable FirewallD.
|
| services.prometheus.exporters.nats.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nats.openFirewall is true.
|
| services.prometheus.exporters.bind.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bind.openFirewall is true.
|
| services.prometheus.exporters.ping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ping.openFirewall is true.
|
| services.prometheus.exporters.ipmi.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ipmi.openFirewall is true.
|
| services.prometheus.exporters.bird.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bird.openFirewall is true.
|
| services.prometheus.exporters.ebpf.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ebpf.openFirewall is true.
|
| services.prometheus.exporters.node.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node.openFirewall is true.
|
| services.prometheus.exporters.mqtt.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mqtt.openFirewall is true.
|
| services.prometheus.exporters.flow.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.flow.openFirewall is true.
|
| services.prometheus.exporters.json.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.json.openFirewall is true.
|
| services.prometheus.exporters.mail.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mail.openFirewall is true.
|
| services.prometheus.exporters.knot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.knot.openFirewall is true.
|
| services.prometheus.exporters.snmp.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.snmp.openFirewall is true.
|
| services.prometheus.exporters.php-fpm.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.php-fpm.openFirewall is true.
|
| services.firewalld.extraArgs | Extra arguments to pass to FirewallD.
|
| networking.firewall.interfaces.<name>.allowedUDPPortRanges | Range of open UDP ports.
|
| services.pgbouncer.openFirewall | Whether to automatically open the specified TCP port in the firewall.
|
| services.prometheus.exporters.nginx.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nginx.openFirewall is true.
|
| services.prometheus.exporters.redis.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.redis.openFirewall is true.
|
| services.prometheus.exporters.kafka.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.kafka.openFirewall is true.
|
| services.prometheus.exporters.idrac.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.idrac.openFirewall is true.
|
| services.prometheus.exporters.v2ray.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.v2ray.openFirewall is true.
|
| services.prometheus.exporters.jitsi.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.jitsi.openFirewall is true.
|
| services.prometheus.exporters.fritz.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fritz.openFirewall is true.
|
| services.prometheus.exporters.dmarc.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dmarc.openFirewall is true.
|
| networking.firewall.interfaces.<name>.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| services.prometheus.exporters.node-cert.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node-cert.openFirewall is true.
|
| services.prometheus.exporters.sql.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.sql.openFirewall
is true
|
| services.prometheus.exporters.lnd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.lnd.openFirewall
is true
|
| services.prometheus.exporters.frr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.frr.openFirewall
is true
|
| services.prometheus.exporters.zfs.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.zfs.openFirewall
is true
|
| services.prometheus.exporters.nut.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nut.openFirewall
is true
|
| services.prometheus.exporters.kea.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.kea.openFirewall
is true
|
| services.prometheus.exporters.pve.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pve.openFirewall
is true
|
| services.prometheus.exporters.fastly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fastly.openFirewall is true.
|
| services.prometheus.exporters.shelly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.shelly.openFirewall is true.
|
| services.prometheus.exporters.statsd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.statsd.openFirewall is true.
|
| services.prometheus.exporters.domain.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.domain.openFirewall is true.
|
| services.prometheus.exporters.tibber.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tibber.openFirewall is true.
|
| services.prometheus.exporters.rspamd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rspamd.openFirewall is true.
|
| services.prometheus.exporters.deluge.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.deluge.openFirewall is true.
|
| services.prometheus.exporters.chrony.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.chrony.openFirewall is true.
|
| services.prometheus.exporters.pihole.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pihole.openFirewall is true.
|
| services.prometheus.exporters.script.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.script.openFirewall is true.
|
| services.prometheus.exporters.dnssec.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dnssec.openFirewall is true.
|
| services.prometheus.exporters.restic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.restic.openFirewall is true.
|
| services.prometheus.exporters.mysqld.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mysqld.openFirewall is true.
|
| services.firewalld.settings.CleanupModulesOnExit | Whether to unload all firewall-related kernel modules when firewalld stops.
|
| services.prometheus.exporters.mqtt.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mqtt.openFirewall
is true
|
| services.prometheus.exporters.json.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.json.openFirewall
is true
|
| services.prometheus.exporters.flow.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.flow.openFirewall
is true
|
| services.prometheus.exporters.mail.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mail.openFirewall
is true
|
| services.prometheus.exporters.ebpf.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ebpf.openFirewall
is true
|
| services.prometheus.exporters.nats.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nats.openFirewall
is true
|
| services.prometheus.exporters.knot.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.knot.openFirewall
is true
|
| services.prometheus.exporters.bind.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bind.openFirewall
is true
|
| services.prometheus.exporters.bird.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bird.openFirewall
is true
|
| services.prometheus.exporters.node.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.node.openFirewall
is true
|
| services.prometheus.exporters.ipmi.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ipmi.openFirewall
is true
|
| services.prometheus.exporters.ping.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ping.openFirewall
is true
|
| services.prometheus.exporters.snmp.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.snmp.openFirewall
is true
|
| virtualisation.libvirtd.firewallBackend | The backend used to setup virtual network firewall rules.
|
| services.prometheus.exporters.php-fpm.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.php-fpm.openFirewall
is true
|
| services.firewalld.package | The firewalld package to use.
|
| services.prometheus.exporters.nvidia-gpu.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nvidia-gpu.openFirewall is true.
|
| services.reaction.stopForFirewall | Whether to stop reaction when reloading the firewall
|
| services.prometheus.exporters.jitsi.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.jitsi.openFirewall
is true
|
| services.prometheus.exporters.redis.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.redis.openFirewall
is true
|
| services.prometheus.exporters.nginx.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nginx.openFirewall
is true
|
| services.prometheus.exporters.idrac.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.idrac.openFirewall
is true
|
| services.prometheus.exporters.kafka.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.kafka.openFirewall
is true
|
| services.prometheus.exporters.v2ray.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.v2ray.openFirewall
is true
|
| services.prometheus.exporters.fritz.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fritz.openFirewall
is true
|
| services.prometheus.exporters.dmarc.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dmarc.openFirewall
is true
|
| services.prometheus.exporters.bitcoin.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bitcoin.openFirewall is true.
|
| services.prometheus.exporters.dnsmasq.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dnsmasq.openFirewall is true.
|
| services.prometheus.exporters.unbound.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unbound.openFirewall is true.
|
| services.prometheus.exporters.apcupsd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.apcupsd.openFirewall is true.
|
| services.prometheus.exporters.libvirt.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.libvirt.openFirewall is true.
|
| services.prometheus.exporters.varnish.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.varnish.openFirewall is true.
|
| services.prometheus.exporters.postfix.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.postfix.openFirewall is true.
|
| services.prometheus.exporters.sabnzbd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sabnzbd.openFirewall is true.
|
| services.prometheus.exporters.ecoflow.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ecoflow.openFirewall is true.
|
| services.prometheus.exporters.klipper.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.klipper.openFirewall is true.
|
| services.prometheus.exporters.systemd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.systemd.openFirewall is true.
|
| services.prometheus.exporters.dovecot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dovecot.openFirewall is true.
|
| services.prometheus.exporters.mongodb.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mongodb.openFirewall is true.
|
| services.prometheus.exporters.process.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.process.openFirewall is true.
|
| services.prometheus.exporters.node-cert.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.node-cert.openFirewall
is true
|
| services.prometheus.exporters.domain.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.domain.openFirewall
is true
|
| services.prometheus.exporters.chrony.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.chrony.openFirewall
is true
|
| services.prometheus.exporters.statsd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.statsd.openFirewall
is true
|
| services.prometheus.exporters.tibber.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.tibber.openFirewall
is true
|
| services.prometheus.exporters.mysqld.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mysqld.openFirewall
is true
|
| services.prometheus.exporters.rspamd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rspamd.openFirewall
is true
|
| services.prometheus.exporters.pihole.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.pihole.openFirewall
is true
|
| services.prometheus.exporters.deluge.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.deluge.openFirewall
is true
|
| services.prometheus.exporters.dnssec.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dnssec.openFirewall
is true
|
| services.prometheus.exporters.restic.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.restic.openFirewall
is true
|
| services.prometheus.exporters.script.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.script.openFirewall
is true
|
| services.prometheus.exporters.fastly.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fastly.openFirewall
is true
|
| services.prometheus.exporters.shelly.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.shelly.openFirewall
is true
|
| services.firewalld.zones.<name>.short | Short description for the zone.
|
| services.firewalld.zones.<name>.rules | Rich rules for the zone.
|
| services.firewalld.zones.<name>.ports | Ports to allow in the zone.
|
| services.prometheus.exporters.py-air-control.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.py-air-control.openFirewall is true.
|
| services.prometheus.exporters.rtl_433.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rtl_433.openFirewall is true.
|
| services.prometheus.exporters.nvidia-gpu.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nvidia-gpu.openFirewall
is true
|
| services.prometheus.exporters.unpoller.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unpoller.openFirewall is true.
|
| services.prometheus.exporters.blackbox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.blackbox.openFirewall is true.
|
| services.prometheus.exporters.influxdb.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.influxdb.openFirewall is true.
|
| services.prometheus.exporters.collectd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.collectd.openFirewall is true.
|
| services.prometheus.exporters.mikrotik.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mikrotik.openFirewall is true.
|
| services.prometheus.exporters.fritzbox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fritzbox.openFirewall is true.
|
| services.prometheus.exporters.graphite.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.graphite.openFirewall is true.
|
| services.prometheus.exporters.nginxlog.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nginxlog.openFirewall is true.
|
| services.prometheus.exporters.postgres.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.postgres.openFirewall is true.
|
| services.prometheus.exporters.keylight.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.keylight.openFirewall is true.
|
| services.prometheus.exporters.opnsense.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.opnsense.openFirewall is true.
|
| services.prometheus.exporters.smartctl.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smartctl.openFirewall is true.
|
| services.prometheus.exporters.apcupsd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.apcupsd.openFirewall
is true
|
| services.prometheus.exporters.unbound.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.unbound.openFirewall
is true
|
| services.prometheus.exporters.varnish.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.varnish.openFirewall
is true
|
| services.prometheus.exporters.ecoflow.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.ecoflow.openFirewall
is true
|
| services.prometheus.exporters.bitcoin.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.bitcoin.openFirewall
is true
|
| services.prometheus.exporters.dnsmasq.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dnsmasq.openFirewall
is true
|
| services.prometheus.exporters.dovecot.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.dovecot.openFirewall
is true
|
| services.prometheus.exporters.libvirt.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.libvirt.openFirewall
is true
|
| services.prometheus.exporters.sabnzbd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.sabnzbd.openFirewall
is true
|
| services.prometheus.exporters.process.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.process.openFirewall
is true
|
| services.prometheus.exporters.systemd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.systemd.openFirewall
is true
|
| services.prometheus.exporters.mongodb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mongodb.openFirewall
is true
|
| services.prometheus.exporters.klipper.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.klipper.openFirewall
is true
|
| services.prometheus.exporters.postfix.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postfix.openFirewall
is true
|
| services.firewalld.services | firewalld service configuration files
|
| services.firewalld.settings.FirewallBackend | The firewall backend implementation
|
| services.ferm.config | Verbatim ferm.conf configuration.
|
| services.firewalld.zones.<name>.ports.*.port | |
| services.prometheus.exporters.imap-mailstat.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.imap-mailstat.openFirewall is true.
|
| services.prometheus.exporters.mailman3.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mailman3.openFirewall is true.
|
| services.prometheus.exporters.py-air-control.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.py-air-control.openFirewall
is true
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| services.prometheus.exporters.nextcloud.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nextcloud.openFirewall is true.
|
| services.prometheus.exporters.surfboard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.surfboard.openFirewall is true.
|
| services.prometheus.exporters.smokeping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.smokeping.openFirewall is true.
|
| services.prometheus.exporters.wireguard.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.wireguard.openFirewall is true.
|
| services.prometheus.exporters.rasdaemon.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.rasdaemon.openFirewall is true.
|
| services.prometheus.exporters.borgmatic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.borgmatic.openFirewall is true.
|
| services.prometheus.exporters.tailscale.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tailscale.openFirewall is true.
|
| services.prometheus.exporters.rtl_433.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rtl_433.openFirewall
is true
|
| services.prometheus.exporters.junos-czerwonk.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.junos-czerwonk.openFirewall is true.
|
| networking.firewall.connectionTrackingModules | List of connection-tracking helpers that are auto-loaded
|
| services.firewalld.settings | FirewallD config file
|
| services.prometheus.exporters.keylight.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.keylight.openFirewall
is true
|
| services.prometheus.exporters.fritzbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.fritzbox.openFirewall
is true
|
| services.prometheus.exporters.opnsense.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.opnsense.openFirewall
is true
|
| services.prometheus.exporters.smartctl.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.smartctl.openFirewall
is true
|
| services.prometheus.exporters.mikrotik.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mikrotik.openFirewall
is true
|
| services.prometheus.exporters.influxdb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.influxdb.openFirewall
is true
|
| services.prometheus.exporters.postgres.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.postgres.openFirewall
is true
|
| services.prometheus.exporters.nginxlog.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nginxlog.openFirewall
is true
|
| services.prometheus.exporters.unpoller.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.unpoller.openFirewall
is true
|
| services.prometheus.exporters.blackbox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.blackbox.openFirewall
is true
|
| services.prometheus.exporters.collectd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.collectd.openFirewall
is true
|
| services.prometheus.exporters.graphite.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.graphite.openFirewall
is true
|
| services.firewalld.settings.IndividualCalls | Whether to use individual -restore calls to apply changes to the firewall
|
| services.firewalld.packages | Packages providing firewalld zones and other files
|
| services.prometheus.exporters.imap-mailstat.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.imap-mailstat.openFirewall
is true
|
| services.prometheus.exporters.mailman3.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.mailman3.openFirewall
is true
|
| services.firewalld.zones.<name>.version | Version of the zone.
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.prometheus.exporters.buildkite-agent.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.buildkite-agent.openFirewall is true.
|
| services.prometheus.exporters.scaphandre.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.scaphandre.openFirewall is true.
|
| services.prometheus.exporters.storagebox.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.storagebox.openFirewall is true.
|
| services.opensnitch.settings.Rules.Path | Path to the directory where firewall rules can be found and will
get stored by the NixOS module.
|
| services.prometheus.exporters.smokeping.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.smokeping.openFirewall
is true
|
| services.prometheus.exporters.wireguard.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.wireguard.openFirewall
is true
|
| services.prometheus.exporters.nextcloud.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nextcloud.openFirewall
is true
|
| services.prometheus.exporters.borgmatic.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.borgmatic.openFirewall
is true
|
| services.prometheus.exporters.surfboard.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.surfboard.openFirewall
is true
|
| services.prometheus.exporters.rasdaemon.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.rasdaemon.openFirewall
is true
|
| services.prometheus.exporters.tailscale.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.tailscale.openFirewall
is true
|
| services.prometheus.exporters.junos-czerwonk.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.junos-czerwonk.openFirewall
is true
|
| services.cloudflare-warp.udpPort | The UDP port to open in the firewall
|
| services.firewalld.services.<name>.ports | Ports of the service.
|
| services.prometheus.exporters.exportarr-sonarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-sonarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-lidarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-lidarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-bazarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-bazarr.openFirewall is true.
|
| services.prometheus.exporters.exportarr-radarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-radarr.openFirewall is true.
|
| services.fail2ban.packageFirewall | The firewall package used by fail2ban service
|
| services.irkerd.openPorts | Open ports in the firewall for irkerd
|
| power.ups.openFirewall | Open ports in the firewall for upsd.
|
| services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| services.firewalld.zones.<name>.sourcePorts | Source ports to allow in the zone.
|
| services.firewalld.zones.<name>.sources | Source addresses, address ranges, MAC addresses or ipsets to bind.
|
| services.zammad.openPorts | Whether to open firewall ports for Zammad
|
| services.prometheus.exporters.buildkite-agent.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.buildkite-agent.openFirewall
is true
|
| services.prometheus.exporters.storagebox.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.storagebox.openFirewall
is true
|
| services.prometheus.exporters.scaphandre.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.scaphandre.openFirewall
is true
|
| services.prometheus.exporters.exportarr-readarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-readarr.openFirewall is true.
|
| services.prometheus.exporters.artifactory.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.artifactory.openFirewall is true.
|
| services.firewalld.zones.<name>.sourcePorts.*.port | |
| services.firewalld.services.<name>.ports.*.port | |
| services.amule.openPeerPorts | Whether to enable open the peer port(s) in the firewall.
|
| services.prometheus.exporters.exportarr-radarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-radarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-lidarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-lidarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-sonarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-sonarr.openFirewall
is true
|
| services.prometheus.exporters.exportarr-bazarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-bazarr.openFirewall
is true
|
| services.k3s.serverAddr | The k3s server to connect to
|
| services.firewalld.zones.<name>.forwardPorts | Ports to forward in the zone.
|
| services.firewalld.zones.<name>.sources.*.ipset | An ipset.
|
| services.prometheus.exporters.exportarr-prowlarr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.exportarr-prowlarr.openFirewall is true.
|
| services.firewalld.settings.RFC3964_IPv4 | Whether to filter IPv6 traffic with 6to4 destination addresses that correspond to IPv4 addresses that should not be routed over the public internet.
|
| services.prometheus.exporters.exportarr-readarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-readarr.openFirewall
is true
|
| services.firewalld.zones.<name>.forward | Whether to enable intra-zone forwarding
|
| services.prometheus.exporters.artifactory.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.artifactory.openFirewall
is true
|
| services.prometheus.exporters.modemmanager.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.modemmanager.openFirewall is true.
|
| services.nfs.server.statdPort | Use a fixed port for rpc.statd
|
| services.firewalld.settings.DefaultZone | Default zone for connections.
|
| services.firewalld.services.<name>.version | Version of the service.
|
| services.firewalld.services.<name>.helpers | Helpers for the service.
|
| services.firewalld.zones.<name>.forwardPorts.*.port | |
| services.dae.openFirewall | Open the firewall port.
|
| services.miredo.bindPort | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.firewalld.settings.ReloadPolicy | The policy during reload.
|
| services.firewalld.zones.<name>.forwardPorts.*.to-port | |
| services.nbd.server.listenPort | Port to listen on
|
| services.mediatomb.openFirewall | If false (the default), this is up to the user to declare the firewall rules
|
| services.prometheus.exporters.exportarr-prowlarr.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.exportarr-prowlarr.openFirewall
is true
|
| services.aria2.openPorts | Open listen and RPC ports found in settings.listen-port and
settings.rpc-listen-port options in the firewall.
|
| services.firewalld.settings.FlushAllOnReload | Whether to flush all runtime rules on a reload.
|
| services.firewalld.zones.<name>.ports.*.protocol | |
| services.fedimintd.<name>.api.openFirewall | Opens port in firewall for fedimintd's api port
|
| services.firewalld.services.<name>.sourcePorts | Source ports for the service.
|
| services.firewalld.zones.<name>.protocols | Protocols to allow in the zone.
|
| services.qui.openFirewall | Whether or not to open ports in the firewall for qui.
|
| services.firewalld.zones.<name>.forwardPorts.*.to-addr | Destination IP address.
|
| services.nfs.server.mountdPort | Use fixed port for rpc.mountd, useful if server is behind firewall.
|
| services.prometheus.exporters.modemmanager.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.modemmanager.openFirewall
is true
|
| services.n8n.openFirewall | Open ports in the firewall for the n8n web interface.
|
| services.firewalld.settings.LogDenied | Add logging rules right before reject and drop rules in the INPUT, FORWARD and OUTPUT chains for the default rules and also final reject and drop rules in zones for the configured link-layer packet type.
|
| services.nfs.server.lockdPort | Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr)
|
| services.tor.openFirewall | Whether to enable opening of the relay port(s) in the firewall.
|
| services.firewalld.services.<name>.sourcePorts.*.port | |
| services.send.openFirewall | Whether to open firewall ports for send
|
| services.plex.openFirewall | Open ports in the firewall for the media server.
|
| services.firewalld.services.<name>.includes | Services to include for the service.
|
| services.ombi.openFirewall | Open ports in the firewall for the Ombi web interface.
|
| services.xrdp.openFirewall | Whether to open the firewall for the specified RDP port.
|
| services.gnome.rygel.enable | Whether to enable Rygel UPnP Mediaserver
|
| services.node-red.openFirewall | Open ports in the firewall for the server.
|
| services.croc.openFirewall | Whether to enable opening of the peer port(s) in the firewall.
|
| services.ergo.openFirewall | Open ports in the firewall for the Ergo node as well as the API.
|
| services.firewalld.zones.<name>.egressPriority | Priority for outbound traffic
|
| services.plikd.openFirewall | Open ports in the firewall for the plikd.
|
| services.omnom.openFirewall | Whether to open ports in the firewall.
|
| services.snmpd.openFirewall | Open port in firewall for snmpd.
|
| services.tika.openFirewall | Whether to open the firewall for Apache Tika
|
| services.firewalld.zones.<name>.interfaces | Interfaces to bind.
|
| services.znc.openFirewall | Whether to open ports in the firewall for ZNC
|
| services.atuin.openFirewall | Open ports in the firewall for the atuin server.
|
| services.memos.openFirewall | Whether to enable opening the ports in the firewall.
|
| services.firewalld.zones.<name>.masquerade | Whether to enable masquerading in the zone.
|
| services.cook-cli.openFirewall | Whether to open the cook-cli server port in the firewall.
|
| services.flood.openFirewall | Whether to open the firewall for the port in services.flood.port.
|
| services.komga.openFirewall | Whether to open the firewall for the port in services.komga.settings.server.port.
|
| services.gatus.openFirewall | Whether to open the firewall for the Gatus web interface.
|
| services.paisa.openFirewall | Open ports in the firewall for the Paisa web server.
|
| services.stash.openFirewall | Open ports in the firewall for the Stash web interface.
|
| services.firewalld.services.<name>.ports.*.protocol | |
| services.firewalld.services.<name>.protocols | Protocols for the service.
|
| services.firewalld.zones.<name>.sourcePorts.*.protocol | |
| services.karma.openFirewall | Whether to open ports in the firewall needed for karma to function.
|
| services.rqbit.openFirewall | Whether to enable opening of the HTTP and Peer ports in the firewall.
|
| services.shoko.openFirewall | Open ports in the firewall for the ShokoAnime api and web interface.
|
| services.samba.openFirewall | Whether to enable opening the default ports in the firewall for Samba.
|
| services.wivrn.openFirewall | Whether to enable the default ports in the firewall for the WiVRn server.
|
| services.firewalld.zones.<name>.ingressPriority | Priority for inbound traffic
|
| services.nix-serve.openFirewall | Open ports in the firewall for nix-serve.
|
| services.llama-cpp.openFirewall | Open ports in the firewall for LLaMA C++ server.
|
| services.lidarr.openFirewall | Open ports in the firewall for Lidarr
|
| services.slskd.openFirewall | Whether to open the firewall for the soulseek network listen port (not the web interface port).
|
| networking.nftables.extraDeletions | Extra deletion commands to be run on every firewall start, reload
and after stopping the firewall.
|
| services.etcd.openFirewall | Open etcd ports in the firewall
|
| services.actual.openFirewall | Whether to open the firewall for the specified port.
|
| services.immich.openFirewall | Whether to open the immich port in the firewall
|
| services.firewalld.zones.<name>.forwardPorts.*.protocol | |
| services.deluge.web.openFirewall | Open ports in the firewall for deluge web daemon
|
| services.dae.openFirewall.enable | Whether to enable opening port in the firewall.
|
| services.firewalld.zones.<name>.sources.*.address | An IP address or a network IP address with a mask for IPv4 or IPv6
|
| services.prometheus.exporters.pgbouncer.openFirewall | Open port in firewall for incoming connections.
|
| services.deconz.openFirewall | Whether to enable opening up the service ports in the firewall.
|
| services.bazarr.openFirewall | Open ports in the firewall for the bazarr web interface.
|
| services.porn-vault.openFirewall | Whether to open the Porn-Vault port in the firewall.
|
| services.sonarr.openFirewall | Open ports in the firewall for the Sonarr web interface
|
| services.nitter.openFirewall | Open ports in the firewall for Nitter web interface.
|
| services.radarr.openFirewall | Open ports in the firewall for the Radarr web interface.
|
| services.redlib.openFirewall | Open ports in the firewall for the redlib web interface
|
| services.firewalld.zones.<name>.description | Description for the zone.
|
| services.firewalld.zones.<name>.icmpBlockInversion | Whether to invert the icmp block handling
|
| services.mpd.openFirewall | Open ports in the firewall for mpd
|
| services.glance.openFirewall | Whether to open the firewall for Glance
|
| services.ollama.openFirewall | Whether to open the firewall for ollama
|
| services.murmur.openFirewall | Whether to enable opening ports in the firewall for the Mumble server.
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| services.miredo.bindAddress | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| services.avahi.openFirewall | Whether to open the firewall for UDP port 5353
|
| services.veilid.openFirewall | Whether to open firewall on ports 5150/tcp, 5150/udp
|
| services.meme-bingo-web.openFirewall | Whether to enable Opens the specified port in the firewall.
.
|
| services.openarena.openPorts | Whether to open firewall ports for OpenArena
|
| services.teeworlds.openPorts | Whether to open firewall ports for Teeworlds.
|
| services.hardware.lcd.server.openPorts | Open the ports in the firewall
|
| services.open-webui.openFirewall | Whether to open the firewall for Open-WebUI
|
| services.mchprs.openFirewall | Whether to open ports in the firewall for the server
|
| services.roon-server.openFirewall | Open ports in the firewall for the server.
|
| services.roon-bridge.openFirewall | Open ports in the firewall for the bridge.
|
| services.firewalld.services.<name>.sourcePorts.*.protocol | |
| services.iperf3.openFirewall | Open ports in the firewall for iperf3.
|
| services.llama-swap.openFirewall | Whether to open the firewall for llama-swap
|
| services.firewalld.settings.NftablesCounters | Whether to add a counter to every nftables rule.
|
| services.fedimintd.<name>.api_ws.openFirewall | Opens TCP port in firewall for fedimintd's Websocket API
|
| services.corteza.openFirewall | Whether to open ports in the firewall.
|
| services.glances.openFirewall | Open port in the firewall for glances.
|
| services.grafana.openFirewall | Open the ports in the firewall for the server.
|
| services.polaris.openFirewall | Open the configured port in the firewall.
|
| services.readarr.openFirewall | Open ports in the firewall for Readarr
|
| services.screego.openFirewall | Open the firewall port(s).
|
| boot.initrd.network.ifstate.cleanupSettings | Content of IfState's initrd cleanup configuration file
|
| services.druid.broker.openFirewall | Open firewall ports for Druid Broker.
|
| services.druid.router.openFirewall | Open firewall ports for Druid Router.
|
| services.firewalld.settings.NftablesTableOwner | If enabled, the generated nftables rule set will be owned exclusively by firewalld
|
| services.esphome.openFirewall | Whether to open the firewall for the specified port.
|
| services.livekit.openFirewall | Opens port range for LiveKit on the firewall.
|
| services.marytts.openFirewall | Whether to open the port in the firewall for MaryTTS.
|
| services.pgadmin.openFirewall | Whether to enable firewall passthrough for pgadmin4.
|
| services.owncast.openFirewall | Open the appropriate ports in the firewall for owncast.
|
| services.vmagent.openFirewall | Whether to open the firewall for the default ports.
|
| services.vlagent.openFirewall | Whether to open the firewall for the default ports.
|
| services.beszel.agent.openFirewall | Whether to open the firewall port (default 45876).
|
| services.pihole-ftl.openFirewallDNS | Open ports in the firewall for pihole-FTL's DNS server.
|
| services.cassandra.jmxPort | Specifies the default port over which Cassandra will be available for
JMX connections
|
| services.autobrr.openFirewall | Open ports in the firewall for the Autobrr web interface.
|
| services.jackett.openFirewall | Open ports in the firewall for the Jackett web interface.
|
| services.biboumi.openFirewall | Whether to enable opening of the identd port in the firewall.
|
| services.sharkey.openFirewall | Whether to open ports in the NixOS firewall for Sharkey.
|
| services.openssh.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.umurmur.openFirewall | Open ports in the firewall for the uMurmur Mumble server.
|
| services.serviio.openFirewall | Open ports in the firewall for the Serviio Media Server.
|
| services.sabnzbd.openFirewall | Open ports in the firewall for the sabnzbd web interface
|
| services.pdfding.openFirewall | Open ports in the firewall for the PdfDing web interface.
|
| services.zitadel.openFirewall | Whether to open the port specified in listenPort in the firewall.
|
| services.xonotic.openFirewall | Open the firewall for TCP and UDP on the specified port.
|
| services.uptermd.openFirewall | Whether to open the firewall for the port in services.uptermd.port.
|
| services.vwifi.server.openFirewall | Whether to enable opening the firewall for the TCP and spy ports.
|
| services.firewalld.services.<name>.destination.ipv4 | IPv4 destination.
|
| services.firewalld.services.<name>.destination.ipv6 | IPv6 destination.
|
| services.calibre-web.openFirewall | Open ports in the firewall for the server.
|
| services.hadoop.hbase.rest.openFirewall | Open firewall ports for HBase rest.
|
| programs.mosh.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.freeciv.openFirewall | Whether to enable opening the firewall for the port listening for clients.
|
| services.kthxbye.openFirewall | Whether to open ports in the firewall needed for the daemon to function.
|
| services.orthanc.openFirewall | Whether to open the firewall for Orthanc
|
| services.litellm.openFirewall | Whether to open the firewall for LiteLLM
|
| services.firewalld.services.<name>.destination | Destinations for the service.
|
| services.firewalld.services.<name>.description | Description for the service.
|
| services.zabbixAgent.openFirewall | Open ports in the firewall for the Zabbix Agent.
|
| services.zabbixProxy.openFirewall | Open ports in the firewall for the Zabbix Proxy.
|
| services.etesync-dav.openFirewall | Whether to open the firewall for the specified port.
|
| services.radicle.node.openFirewall | Whether to enable opening the firewall for radicle-node.
|
| programs.alvr.openFirewall | Whether to open the default ports in the firewall for the ALVR server.
|
| services.unifi.openFirewall | Whether or not to open the minimum required ports on the firewall
|
| services.pihole-ftl.openFirewallDHCP | Open ports in the firewall for pihole-FTL's DHCP server.
|
| services.immich-kiosk.openFirewall | Whether to open the firewall for the immich-kiosk port.
|
| services.haste-server.openFirewall | Whether to enable firewall passthrough for haste-server.
|
| services.firewalld.settings.StrictForwardPorts | If enabled, the generated destination NAT (DNAT) rules will NOT accept traffic that was DNAT'd by other entities, e.g. docker
|
| services.anki-sync-server.openFirewall | Whether to open the firewall for the specified port.
|
| services.caddy.openFirewall | Whether to enable opening the specified http(s) ports in the firewall
|
| services.netbird.server.coturn.openPorts | The list of ports used by coturn for listening to open in the firewall.
|
| services.quake3-server.openFirewall | Open the firewall.
|
| services.public-inbox.openFirewall | Whether to enable opening the firewall when using a port option.
|
| services.devpi-server.openFirewall | Whether to enable opening the default ports in the firewall for Devpi Server.
|
| services.mycelium.openFirewall | Open the firewall for mycelium
|
| services.zapret.params | Specify the bypass parameters for Zapret binary
|
| services.tmate-ssh-server.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.hadoop.hdfs.httpfs.openFirewall | Open firewall ports for HDFS JournalNode.
|
| services.matter-server.openFirewall | Whether to open the port in the firewall.
|
| services.terraria.openFirewall | Whether to open ports in the firewall
|
| services.metabase.openFirewall | Open ports in the firewall for Metabase.
|
| services.tautulli.openFirewall | Open ports in the firewall for Tautulli.
|
| services.portunus.ldap.tls | Whether to enable LDAPS protocol
|
| services.ersatztv.openFirewall | Open the default ports in the firewall for the server.
|
| services.spoolman.openFirewall | Open the appropriate ports in the firewall for spoolman.
|
| services.sunshine.openFirewall | Whether to automatically open ports in the firewall.
|
| services.opensnitch.enable | Whether to enable Opensnitch application firewall.
|
| services.zabbixServer.openFirewall | Open ports in the firewall for the Zabbix Server.
|
| services.netbird.server.coturn.enable | Whether to enable a Coturn server for Netbird, will also open the firewall on the configured range.
|
| services.libeufin.bank.openFirewall | Whether to open ports in the firewall
|
| services.gemstash.openFirewall | Whether to open the firewall for the port in services.gemstash.bind.
|
| services.endlessh.openFirewall | Whether to open a firewall port for the SSH listener.
|
| services.rtorrent.openFirewall | Whether to open the firewall for the port in services.rtorrent.port.
|
| services.prowlarr.openFirewall | Open ports in the firewall for the Prowlarr web interface.
|
| services.whisparr.openFirewall | Open ports in the firewall for the Whisparr web interface.
|
| services.fedimintd.<name>.api_iroh.openFirewall | Opens UDP port in firewall for fedimintd's API Iroh endpoint
|
| services.hadoop.hbase.thrift.openFirewall | Open firewall ports for HBase thrift.
|
| services.hadoop.hbase.master.openFirewall | Open firewall ports for HBase master.
|
| services.chromadb.openFirewall | Whether to automatically open the specified TCP port in the firewall.
|
| services.factorio.openFirewall | Whether to automatically open the specified UDP port in the firewall.
|
| services.scrutiny.openFirewall | Whether to enable opening the default ports in the firewall for Scrutiny.
|
| services.endlessh-go.openFirewall | Whether to open a firewall port for the SSH listener.
|
| services.eternal-terminal.port | The port the server should listen on
|
| services.webhook.openFirewall | Open the configured port in the firewall for external ingress traffic
|
| services.firewalld.settings.NftablesFlowtable | This may improve forwarded traffic throughput by enabling nftables flowtable
|
| services.printing.openFirewall | Whether to open the firewall for TCP ports specified in
listenAddresses option.
|
| services.pingvin-share.openFirewall | Whether to open the firewall for the port in services.pingvin-share.frontend.port.
|
| services.saunafs.master.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| programs.sharing.enable | Whether to enable sharing, a CLI tool for sharing files
|
| services.libeufin.nexus.openFirewall | Whether to open ports in the firewall
|
| services.taler.exchange.openFirewall | Whether to open ports in the firewall
|
| services.taler.merchant.openFirewall | Whether to open ports in the firewall
|
| services.minidlna.openFirewall | Whether to enable opening HTTP (TCP) and SSDP (UDP) ports in the firewall.
|
| services.stalwart.openFirewall | Whether to open TCP firewall ports, which are specified in
services.stalwart.settings.server.listener on all interfaces.
|
| services.druid.overlord.openFirewall | Open firewall ports for Druid Overlord.
|
| services.moosefs.master.openFirewall | Whether to automatically open required firewall ports for master service.
|
| services.docling-serve.openFirewall | Whether to open the firewall for Docling Serve
|
| services.etebase-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.livekit.ingress.openFirewall.rtc | Open WebRTC ports in the firewall.
|
| services.librechat.openFirewall | Whether to open the port in the firewall.
|
| services.bitmagnet.openFirewall | Open DHT ports in firewall
|
| services.octoprint.openFirewall | Open ports in the firewall for OctoPrint.
|
| networking.nat.enable | Whether to enable Network Address Translation (NAT)
|
| services.calibre-server.openFirewall | Open ports in the firewall for the Calibre Server web interface.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.immich-public-proxy.openFirewall | Whether to open the IPP port in the firewall
|
| services.tailscale.openFirewall | Whether to open the firewall for the specified port.
|
| services.navidrome.openFirewall | Whether to open the TCP port in the firewall
|
| services.pangolin.openFirewall | Whether to enable opening TCP ports 80 and 443, and UDP port 51820 in the firewall for the Pangolin service(s).
|
| services.livekit.ingress.openFirewall.rtmp | Open RTMP port in the firewall.
|
| services.livekit.ingress.openFirewall.whip | Open WHIP port in the firewall.
|
| services.deluge.openFirewall | Whether to open the firewall for the ports in
services.deluge.config.listen_ports
|
| services.lanraragi.openFirewall | Open ports in the firewall for LANraragi's web interface.
|
| services.pinchflat.openFirewall | Open ports in the firewall for the Pinchflat web interface
|
| services.overseerr.openFirewall | Open a port in the firewall for the Overseerr web interface.
|
| services.stalwart-mail.openFirewall | Whether to open TCP firewall ports, which are specified in
services.stalwart-mail.settings.server.listener on all interfaces.
|
| services.icecream.daemon.openFirewall | Whether to automatically open receive port in the firewall.
|
| services.druid.middleManager.openFirewall | Open firewall ports for Druid middleManager.
|
| services.blendfarm.openFirewall | Whether to enable allowing blendfarm network access through the firewall.
|
| services.local-content-share.openFirewall | Whether to automatically open the specified port in the firewall
|
| services.hadoop.hdfs.datanode.openFirewall | Open firewall ports for HDFS DataNode.
|
| services.hadoop.hdfs.namenode.openFirewall | Open firewall ports for HDFS NameNode.
|
| services.cockroachdb.openPorts | Open firewall ports for cluster communication by default
|
| services.opensnitch.rules | Declarative configuration of firewall rules
|
| services.dockerRegistry.openFirewall | Opens the port used by the firewall.
|
| services.shairport-sync.openFirewall | Whether to automatically open ports in the firewall.
|
| services.home-assistant.openFirewall | Whether to open the firewall for the specified port.
|
| services.lasuite-meet.livekit.openFirewall | Whether to enable Open firewall ports for livekit.
|
| services.firewalld.settings.IPv6_rpfilter | Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704
|
| services.hadoop.hbase.regionServer.openFirewall | Open firewall ports for HBase regionServer.
|
| services.jellyfin.openFirewall | Open the default ports in the firewall for the media server
|
| services.pixiecore.openFirewall | Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.
|
| networking.wireguard.interfaces.<name>.fwMark | Mark all wireguard packets originating from
this interface with the given firewall mark
|
| services.suwayomi-server.openFirewall | Whether to open the firewall for the port in services.suwayomi-server.settings.server.port.
|
| services.broadcast-box.web.openFirewall | Whether to enable opening the HTTP server port and, if enabled, the HTTPS redirect server
port in the firewall.
.
|
| services.reaction.runAsRoot | Whether to run reaction as root
|
| services.nzbhydra2.openFirewall | Open ports in the firewall for the NZBHydra2 web interface.
|
| services.pulseaudio.tcp.openFirewall | Whether to enable Open firewall for the specified port.
|
| services.zoneminder.openFirewall | Open the firewall port(s).
|
| programs.steam.remotePlay.openFirewall | Open ports in the firewall for Steam Remote Play.
|
| services.fedimintd.<name>.ui.openFirewall | Opens TCP port in firewall for built-in UI
|
| services.broadcast-box.openFirewall | Whether to enable opening WebRTC traffic ports in the firewall
|
| services.beanstalkd.openFirewall | Whether to open ports in the firewall for the server.
|
| services.linkwarden.openFirewall | Whether to open the Linkwarden port in the firewall
|
| services.icecream.daemon.openBroadcast | Whether to automatically open the firewall for scheduler discovery.
|
| services.jellyseerr.openFirewall | Open port in the firewall for the Jellyseerr web interface.
|
| services.lubelogger.openFirewall | Open ports in the firewall for the LubeLogger web interface.
|
| services.snapserver.openFirewall | Whether to automatically open the specified ports in the firewall.
|
| services.szurubooru.openFirewall | Whether to open the firewall for the port in services.szurubooru.server.port.
|
| services.taskserver.openFirewall | Whether to open the firewall for the specified Taskserver port.
|
| services.wgautomesh.openFirewall | Automatically open gossip port in firewall (recommended).
|
| services.homebridge.openFirewall | Open ports in the firewall for the Homebridge web interface and service.
|
| services.keepalived.openFirewall | Whether to automatically allow VRRP and AH packets in the firewall.
|
| services.fedimintd.<name>.p2p.openFirewall | Opens port in firewall for fedimintd's p2p port (both TCP and UDP)
|
| programs.envision.openFirewall | Whether to enable the default ports in the firewall for the WiVRn server.
|
| services.crossfire-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.minecraft-server.openFirewall | Whether to open ports in the firewall for the server.
|
| services.druid.historical.openFirewall | Open firewall ports for Druid Historical.
|
| services.transmission.openRPCPort | Whether to enable opening of the RPC port in the firewall.
|
| services.gotosocial.openFirewall | Open the configured port in the firewall
|
| services.reposilite.openFirewall | Whether to open the firewall ports for Reposilite
|
| services.cloudflare-warp.openFirewall | Whether to enable opening UDP ports in the firewall.
|
| services.tailscale.derper.openFirewall | Whether to open the firewall for the specified port
|
| services.lighthouse.beacon.openFirewall | Open the port in the firewall
|
| services.mirakurun.openFirewall | Open ports in the firewall for Mirakurun.
Exposing Mirakurun to the open internet is generally advised
against
|
| services.teamspeak3.openFirewall | Open ports in the firewall for the TeamSpeak3 server.
|
| services.zapret.configureFirewall | Whether to setup firewall routing so that system http(s) traffic is forwarded via this service
|
| services.pihole-ftl.openFirewallWebserver | Open ports in the firewall for pihole-FTL's webserver, as configured in settings.webserver.port.
|
| services.transmission.openPeerPorts | Whether to enable opening of the peer port(s) in the firewall.
|
| services.filebrowser.openFirewall | Whether to enable opening firewall ports for FileBrowser.
|
| services.spacecookie.openFirewall | Whether to open the necessary port in the firewall for spacecookie.
|
| services.netbird.clients.<name>.openFirewall | Opens up firewall port for communication between NetBird peers directly over LAN or public IP,
without using (internet-hosted) TURN servers as intermediaries.
|
| services.netbird.tunnels.<name>.openFirewall | Opens up firewall port for communication between NetBird peers directly over LAN or public IP,
without using (internet-hosted) TURN servers as intermediaries.
|
| services.icecream.scheduler.openFirewall | Whether to automatically open the daemon port in the firewall.
|
| services.qbittorrent.openFirewall | Whether to enable opening both the webuiPort and torrentPort over TCP in the firewall.
|
| services.druid.coordinator.openFirewall | Open firewall ports for Druid Coordinator.
|
| services.opensnitch.settings.Firewall | Which firewall backend to use.
|
| programs.localsend.openFirewall | Whether to enable opening the firewall port 53317 for receiving files.
|
| services.homepage-dashboard.openFirewall | Open ports in the firewall for Homepage.
|
| services.cassandra.rpcAddress | The address or interface to bind the native transport server to
|
| services.adguardhome.openFirewall | Open ports in the firewall for the AdGuard Home web interface
|
| services.hadoop.hdfs.journalnode.openFirewall | Open firewall ports for HDFS JournalNode.
|
| services.epgstation.openFirewall | Open ports in the firewall for the EPGStation web interface.
Exposing EPGStation to the open internet is generally advised
against
|
| services.jitsi-videobridge.openFirewall | Whether to open ports in the firewall for the videobridge.
|
| services.syncthing.openDefaultPorts | Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers
and UDP 21027 for discovery
|
| services.silverbullet.openFirewall | Open port in the firewall.
|
| services.flaresolverr.openFirewall | Open the port in the firewall for FlareSolverr.
|
| services.photonvision.openFirewall | Whether to open the required ports in the firewall.
|
| services.kubernetes.flannel.openFirewallPorts | Whether to open the Flannel UDP ports in the firewall on all interfaces.
|
| services.saunafs.chunkserver.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.prometheus.exporters.sql.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.zfs.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.pve.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.lnd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nut.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.frr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.kea.openFirewall | Open port in firewall for incoming connections.
|
| services.moosefs.chunkserver.openFirewall | Whether to automatically open required firewall ports for chunkserver service.
|
| services.hadoop.yarn.nodemanager.openFirewall | Open firewall ports for nodemanager
|
| services.foundationdb.openFirewall | Open the firewall ports corresponding to FoundationDB processes and coordinators
using config.networking.firewall.*.
|
| services.prometheus.exporters.ipmi.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.knot.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bind.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mail.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bird.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.flow.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.php-fpm.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ebpf.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mqtt.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nats.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.snmp.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ping.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.json.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.node.openFirewall | Open port in firewall for incoming connections.
|
| services.netbird.tunnels.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| services.netbird.clients.<name>.openInternalFirewall | Opens up internal firewall ports for the NetBird's network interface.
|
| programs.ausweisapp.openFirewall | Whether to open the required firewall ports for the Smartphone as Card Reader (SaC) functionality of AusweisApp.
|
| services.prometheus.exporters.dmarc.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.v2ray.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.idrac.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.kafka.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nginx.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.jitsi.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.redis.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.fritz.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.node-cert.openFirewall | Open port in firewall for incoming connections.
|
| programs.steam.dedicatedServer.openFirewall | Open ports in the firewall for Source Dedicated Server.
|
| services.technitium-dns-server.openFirewall | Whether to open ports in the firewall
|
| services.teamspeak3.openFirewallServerQuery | Open ports in the firewall for the TeamSpeak3 serverquery (administration) system
|
| services.torrentstream.openFirewall | Open ports in the firewall for TorrentStream daemon.
|
| services.prometheus.exporters.fastly.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.statsd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.rspamd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.tibber.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.script.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.domain.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dnssec.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.deluge.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mysqld.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.restic.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.chrony.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.pihole.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.shelly.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nvidia-gpu.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.systemd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.klipper.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dovecot.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.postfix.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.varnish.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.libvirt.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.bitcoin.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.process.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.apcupsd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mongodb.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.sabnzbd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.dnsmasq.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.unbound.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.ecoflow.openFirewall | Open port in firewall for incoming connections.
|
| services.openssh.listenAddresses | List of addresses and ports to listen on (ListenAddress directive
in config)
|
| services.taskchampion-sync-server.openFirewall | Whether to enable Open firewall port for taskchampion-sync-server.
|
| services.prometheus.exporters.py-air-control.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.rtl_433.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.unpoller.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.keylight.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.collectd.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nginxlog.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mikrotik.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.influxdb.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.graphite.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.smartctl.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.postgres.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.fritzbox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.blackbox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.opnsense.openFirewall | Open port in firewall for incoming connections.
|
| services.librenms.useDistributedPollers | Enables distributed pollers
for this LibreNMS instance
|
| services.audiobookshelf.openFirewall | Open ports in the firewall for the Audiobookshelf web interface.
|
| services.prometheus.exporters.imap-mailstat.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.mailman3.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.rasdaemon.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.wireguard.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.nextcloud.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.borgmatic.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.smokeping.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.junos-czerwonk.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.surfboard.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.tailscale.openFirewall | Open port in firewall for incoming connections.
|
| programs.steam.localNetworkGameTransfers.openFirewall | Open ports in the firewall for Steam Local Network Game Transfers.
|
| services.prometheus.alertmanager.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.buildkite-agent.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.storagebox.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.scaphandre.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-radarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-lidarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-bazarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.exportarr-sonarr.openFirewall | Open port in firewall for incoming connections.
|
| services.hadoop.yarn.resourcemanager.openFirewall | Open firewall ports for resourcemanager
|
| services.prometheus.alertmanagerGotify.openFirewall | Opens the bridge port in the firewall.
|
| services.prometheus.exporters.exportarr-readarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.artifactory.openFirewall | Open port in firewall for incoming connections.
|
| networking.nftables.enable | Whether to enable nftables and use nftables based firewall if enabled.
nftables is a Linux-based packet filtering framework intended to
replace frameworks like iptables
|
| services.prometheus.exporters.exportarr-prowlarr.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.modemmanager.openFirewall | Open port in firewall for incoming connections.
|
| virtualisation.forwardPorts | When using the SLiRP user networking (default), this option allows to
forward ports to/from the host/guest.
If the NixOS firewall on the virtual machine is enabled, you also
have to open the guest ports to enable the traffic between host and
guest.
Currently QEMU supports only IPv4 forwarding.
|
| virtualisation.podman.networkSocket.openFirewall | Whether to open the port in the firewall.
|
| networking.interfaces.<name>.proxyARP | Turn on proxy_arp for this device
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|