From 65d79890493600b09dc01209a378c070f2f0a028 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 29 Jul 2015 15:50:37 +0200
Subject: add firewall reject instead of drop

---
 makefu/1systems/pnp.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'makefu/1systems/pnp.nix')

diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix
index 536e08187..549658983 100644
--- a/makefu/1systems/pnp.nix
+++ b/makefu/1systems/pnp.nix
@@ -40,6 +40,7 @@
 
 # networking.firewall is enabled by default
   networking.firewall.allowedTCPPorts = [ 80 ];
+  networking.firewall.rejectPackets = true;
   networking.firewall.allowPing = true;
 
   fileSystems."/" =
-- 
cgit v1.2.3