From 15a96c6883e40d29dfcb03650db18abf28eb7157 Mon Sep 17 00:00:00 2001
From: Filippo Berto <berto.f@protonmail.com>
Date: Tue, 9 Nov 2021 23:05:10 +0100
Subject: [PATCH] Fix firewall ports

---
 nixos/loki.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/nixos/loki.nix b/nixos/loki.nix
index 5a8ab4b..eb6fcf4 100644
--- a/nixos/loki.nix
+++ b/nixos/loki.nix
@@ -191,6 +191,22 @@
       };
     };
 
+  networking.firewall = {
+    enable = true;
+    allowPing = true;
+    allowedTCPPorts = [
+      445 # SAMBA
+      139 # SAMBA
+      8384 # SYNCTHING
+      8385 # SYNCTHING
+    ];
+    allowedUDPPorts = [
+      137 # SYNCTHING
+      138 # SYNCTHING
+    ];
+    extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';
+  };
+
   virtualisation = {
     docker.enable = true;
     kvmgt.enable = true;