From 694cc6172a4c717d03ec80c2081c2a3f329484d5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Apr 2014 09:42:05 +0200 Subject: [PATCH] Enable the firewall by default Fixes #2135. --- nixos/doc/manual/release-notes.xml | 18 ++++++++++++++---- nixos/modules/services/networking/firewall.nix | 2 +- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/nixos/doc/manual/release-notes.xml b/nixos/doc/manual/release-notes.xml index 8899cbb2149..68feb80e090 100644 --- a/nixos/doc/manual/release-notes.xml +++ b/nixos/doc/manual/release-notes.xml @@ -21,10 +21,6 @@ enhancements are the following: NixOS is now based on Glibc 2.18 and GCC 4.8. - The mysql55 service has been merged into the - mysql service, which no longer sets a default for the 'package - option. - @@ -34,10 +30,24 @@ following incompatible changes: + The firewall is now enabled by default. If you don’t + want this, you need to disable it explicitly: + + +networking.firewall.enable = false; + + + + The option has been renamed to . + The mysql55 service has been + merged into the mysql service, which no longer + sets a default for the option + . + diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index 07e05fa6d05..62d92ba50e1 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -54,7 +54,7 @@ in networking.firewall.enable = mkOption { type = types.bool; - default = false; + default = true; description = '' Whether to enable the firewall. This is a simple stateful