diff options
| author | Kenny Ballou <kballou@devnulllabs.io> | 2019-11-28 18:18:54 -0700 |
|---|---|---|
| committer | Kenny Ballou <kballou@devnulllabs.io> | 2019-11-28 18:24:54 -0700 |
| commit | cffa2bdce0133745c31c072bb0bed331fab6d583 (patch) | |
| tree | faeacf1781b37e94202e02f4dab255186563c8e3 /eligos | |
| parent | cea9bf388486b26dfc4f17d5d0642098681bb2ef (diff) | |
| download | cfg.nix-cffa2bdce0133745c31c072bb0bed331fab6d583.tar.gz cfg.nix-cffa2bdce0133745c31c072bb0bed331fab6d583.tar.xz | |
eligos: blacklist iptables kernel module
Similar to 95db843 ("phenex: module blacklist iptables", Mon Nov 18
23:17:01 2019 -0700), we want to blacklist the iptables module such that
it does not interfere with nftables modules.
Signed-off-by: Kenny Ballou <kballou@devnulllabs.io>
Diffstat (limited to 'eligos')
| -rw-r--r-- | eligos/configuration.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/eligos/configuration.nix b/eligos/configuration.nix index 515344d..d75737c 100644 --- a/eligos/configuration.nix +++ b/eligos/configuration.nix @@ -77,9 +77,13 @@ keyFile = "/etc/cvg2"; fallbackToPassword = true; }; - }; + }; }; + boot.blacklistedKernelModules = [ + "iptables" + ]; + # Some programs need SUID wrappers, can be configured further or are # started in user sessions. programs.mtr.enable = true; |