summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/iptables.nix3
-rw-r--r--krebs/3modules/lass/default.nix6
2 files changed, 8 insertions, 1 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 9596229de..4b99873a1 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -20,6 +20,7 @@ let
flatten
length
hasAttr
+ hasPrefix
mkEnableOption
mkOption
mkIf
@@ -123,7 +124,7 @@ let
buildRule = tn: cn: rule:
#target validation test:
- assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}")));
+ assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))) || hasPrefix "REDIRECT" rule.target;
#predicate validation test:
#maybe use iptables-test
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index b4686894e..adca66dad 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -12,6 +12,7 @@ with config.krebs.lib;
aliases = [
"dishfire.internet"
];
+ ssh.port = 45621;
};
retiolum = {
via = internet;
@@ -44,6 +45,7 @@ with config.krebs.lib;
aliases = [
"echelon.internet"
];
+ ssh.port = 45621;
};
retiolum = {
via = internet;
@@ -79,6 +81,7 @@ with config.krebs.lib;
aliases = [
"prism.internet"
];
+ ssh.port = 45621;
};
retiolum = {
via = internet;
@@ -143,6 +146,7 @@ with config.krebs.lib;
aliases = [
"cloudkrebs.internet"
];
+ ssh.port = 45621;
};
retiolum = {
via = internet;
@@ -174,6 +178,7 @@ with config.krebs.lib;
gg23 = {
ip4.addr = "10.23.1.12";
aliases = ["uriel.gg23"];
+ ssh.port = 45621;
};
retiolum = {
ip4.addr = "10.243.81.176";
@@ -205,6 +210,7 @@ with config.krebs.lib;
gg23 = {
ip4.addr = "10.23.1.11";
aliases = ["mors.gg23"];
+ ssh.port = 45621;
};
retiolum = {
ip4.addr = "10.243.0.2";