/ nixos-options.md
nixos-options.md
1 ## networking\.nftables\.tables 2 3 Tables to be added to ruleset\. 4 Tables will be added together with delete statements to clean up the table before every update\. 5 6 7 8 *Type:* 9 attribute set of (submodule) 10 11 *Declared by:* 12 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 13 14 15 16 ## networking\.nftables\.tables\.\<name>\.chains 17 18 19 20 Chains to be added to the table\. 21 22 23 24 *Type:* 25 attribute set of (submodule) 26 27 28 29 *Default:* 30 ` { } ` 31 32 *Declared by:* 33 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 34 35 36 37 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.enable 38 39 40 41 Enable this chain\. 42 43 44 45 *Type:* 46 boolean 47 48 49 50 *Default:* 51 ` true ` 52 53 *Declared by:* 54 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 55 56 57 58 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.content 59 60 61 62 Chain content\. Constructed by other options if not overridden\. 63 64 65 66 *Type:* 67 strings concatenated with “\\n” 68 69 *Declared by:* 70 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 71 72 73 74 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.defaultRules\.enable 75 76 77 78 Whether to enable default rules depending on the chain type and hook\. 79 80 81 82 *Type:* 83 boolean 84 85 86 87 *Default:* 88 ` false ` 89 90 91 92 *Example:* 93 ` true ` 94 95 *Declared by:* 96 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 97 98 99 100 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.defaultRules\.ct_state 101 102 103 104 Accept related/established, drop invalid\. Applies if type = filter\. 105 106 107 108 *Type:* 109 boolean 110 111 *Declared by:* 112 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 113 114 115 116 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.defaultRules\.icmp_pings 117 118 119 120 Accept ICMP echo requests (“pings”)\. 121 122 123 124 *Type:* 125 boolean 126 127 128 129 *Default:* 130 ` false ` 131 132 *Declared by:* 133 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 134 135 136 137 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.defaultRules\.icmpv6 138 139 140 141 Accept basic ICMPv6 request types\. Applies if type = filter \&\& hook = input\. 142 143 144 145 *Type:* 146 boolean 147 148 *Declared by:* 149 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 150 151 152 153 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.defaultRules\.lo 154 155 156 157 Accept traffic from ` lo ` (loopback)\. Applies if type = filter \&\& hook = input\. 158 159 160 161 *Type:* 162 boolean 163 164 *Declared by:* 165 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 166 167 168 169 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.header 170 171 172 173 Chain header\. Constructed by other options if not overridden\. 174 175 176 177 *Type:* 178 null or string 179 180 181 182 *Default:* 183 ` null ` 184 185 186 187 *Example:* 188 ` "type filter hook input priority 0; policy drop;" ` 189 190 *Declared by:* 191 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 192 193 194 195 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.hook 196 197 198 199 Chain hook\. 200 201 202 203 *Type:* 204 null or one of “ingress”, “prerouting”, “forward”, “input”, “output”, “postrouting”, “egress” 205 206 207 208 *Default:* 209 ` null ` 210 211 *Declared by:* 212 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 213 214 215 216 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.name 217 218 219 220 Chain name\. Defaults to the attribute name\. 221 222 223 224 *Type:* 225 string 226 227 *Declared by:* 228 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 229 230 231 232 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.policy 233 234 235 236 Chain policy\. 237 238 239 240 *Type:* 241 null or one of “accept”, “drop” 242 243 244 245 *Default:* 246 ` null ` 247 248 *Declared by:* 249 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 250 251 252 253 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.priority 254 255 256 257 Chain priority\. 258 259 260 261 *Type:* 262 null or signed integer 263 264 265 266 *Default:* 267 ` null ` 268 269 *Declared by:* 270 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 271 272 273 274 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.rules 275 276 277 278 Chain rules\. 279 280 281 282 *Type:* 283 nested list of string 284 285 286 287 *Default:* 288 ` [ ] ` 289 290 *Declared by:* 291 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 292 293 294 295 ## networking\.nftables\.tables\.\<name>\.chains\.\<name>\.type 296 297 298 299 Chain type\. 300 301 302 303 *Type:* 304 null or one of “filter”, “nat”, “route” 305 306 307 308 *Default:* 309 ` null ` 310 311 *Declared by:* 312 - [module\.nix](https://radicle.defelo.de/nodes/radicle.defelo.de/rad:z38ibAcVXcV86bVdfdMY9JXJcX5ZN/tree/module\.nix) 313 314