Hi, On 12/11/13 12:24, Pablo Costa wrote:
> on nixpkgs/nixos/modules/services/printing/cupsd.nix there is this line: > > 226 # Allow CUPS to receive IPP printer announcements via UDP. > 227 networking.firewall.allowedUDPPorts = [ 631 ]; > > which results on this rule in the nixos-fw chain: > > nixos-fw-accept udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 > <http://0.0.0.0/0> > udp dpt:631 > > I would expect a way to disable this default behaviour, e.g. a boolean value > such as: > services.printing.{listen|accept}NetworkAnnouncements > or > services.printing.openFirewall > > How do you feel about this? I agreed. Given that CUPS works perfectly fine for many uses without that rule, port 631 should not be opened by default. -- Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/ _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
