From 9a12d78fc69d26df83e56d41e53a0a5f48f65ce3 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Tue, 15 Oct 2024 13:36:10 +0200 Subject: [PATCH] fix: add firewall ports for kdeconnect --- SwarselSystems.org | 9 ++++++++- profiles/common/home/kdeconnect.nix | 1 + profiles/common/nixos/network.nix | 8 +++++++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index 1edc590..05ff7b9 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -5451,7 +5451,13 @@ Here I only enable =networkmanager=. Most of the 'real' network config is done i firewall = { checkReversePath = lib.mkDefault false; enable = lib.mkDefault true; - allowedUDPPorts = [ 51820 ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + allowedUDPPorts = [ 51820 ]; # 51820: wireguard + allowedTCPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; + allowedUDPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; }; networkmanager = { @@ -9811,6 +9817,7 @@ This enables phone/computer communication, including sending clipboard, files et enable = true; indicator = true; }; + } #+end_src diff --git a/profiles/common/home/kdeconnect.nix b/profiles/common/home/kdeconnect.nix index 52751ce..1687db4 100644 --- a/profiles/common/home/kdeconnect.nix +++ b/profiles/common/home/kdeconnect.nix @@ -4,4 +4,5 @@ _: enable = true; indicator = true; }; + } diff --git a/profiles/common/nixos/network.nix b/profiles/common/nixos/network.nix index fb2ad17..7b8e46d 100644 --- a/profiles/common/nixos/network.nix +++ b/profiles/common/nixos/network.nix @@ -6,7 +6,13 @@ firewall = { checkReversePath = lib.mkDefault false; enable = lib.mkDefault true; - allowedUDPPorts = [ 51820 ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + allowedUDPPorts = [ 51820 ]; # 51820: wireguard + allowedTCPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; + allowedUDPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; }; networkmanager = {