From 24226fb23dd2883f7aceefb82563adc127e3f963 Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Sat, 3 Jun 2023 21:12:50 -0600 Subject: [PATCH] setup open firewall ports --- configuration.nix | 15 +++++++++++++-- configuration.org | 15 +++++++++++++-- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/configuration.nix b/configuration.nix index a73e766..3b1645f 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,5 +1,14 @@ { config, pkgs, ... }: let + open_firewall_ports = [ + 80 # http + 443 # https + 25152 # ssh + 49494 # gerbera + ]; + open_firewall_port_ranges = [ + { from = 1714; to = 1764; } # kdeconnect + ]; VERSION = "23.05"; # "https://github.com/nix-community/home-manager/archive/master.tar.gz"; unstable_tarball = builtins.fetchTarball @@ -694,8 +703,10 @@ systemd.user.services = { }; }; -networking.firewall.allowedTCPPorts = [ 25152 80 443 ]; -networking.firewall.allowedUDPPorts = [ 25152 80 443 ]; +networking.firewall.allowedTCPPorts = open_firewall_ports; +networking.firewall.allowedUDPPorts = open_firewall_ports; +networking.firewall.allowedTCPPortRanges = open_firewall_port_ranges; +networking.firewall.allowedUDPPortRanges = open_firewall_port_ranges; # networking.firewall.enable = false; system = { diff --git a/configuration.org b/configuration.org index e7539f6..35ae0b1 100755 --- a/configuration.org +++ b/configuration.org @@ -39,6 +39,15 @@ other functions. #+begin_src nix { config, pkgs, ... }: let + open_firewall_ports = [ + 80 # http + 443 # https + 25152 # ssh + 49494 # gerbera + ]; + open_firewall_port_ranges = [ + { from = 1714; to = 1764; } # kdeconnect + ]; VERSION = "23.05"; # "https://github.com/nix-community/home-manager/archive/master.tar.gz"; unstable_tarball = builtins.fetchTarball 
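Review bot: `open_firewall_ports` is a single list that the second configuration.nix hunk assigns to both `allowedTCPPorts` and `allowedUDPPorts`, so every entry, including 25152 (ssh) and the newly added 49494 (gerbera), is opened for UDP as well as TCP. SSH and plain HTTP listen on TCP only, and 49494 is presumably gerbera's HTTP port, so the UDP openings most likely serve no listener and only widen what the filter accepts. I would split the binding per protocol, e.g. `open_firewall_tcp_ports = [ 80 443 25152 49494 ];` plus a separate `open_firewall_udp_ports` holding only what really needs UDP, and point each `allowed*Ports` option at its own list. The KDE Connect range is fine as a shared binding, since that protocol uses both TCP and UDP. The same bindings are duplicated in both configuration.org hunks and need the same split; the `let` block continues past the end of this hunk.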
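Review bot: The four `networking.firewall.allowed*` assignments in this hunk open gerbera's port and the KDE Connect range on every interface, although both look like LAN-only services. NixOS accepts the same options per interface, e.g. `networking.firewall.interfaces.<lan-interface>.allowedTCPPortRanges = open_firewall_port_ranges;` (the interface name is a placeholder), which would keep 1714-1764 and 49494 unreachable from any other network the machine joins. If the host only ever has one trusted interface this changes nothing, so treat it as a hardening suggestion. The equivalent block in configuration.org would need the same edit, and the surrounding configuration starts and ends outside the hunk.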
@@ -995,8 +1004,10 @@ Open ports in the firewall. =TIP= list what app a port belongs to in a table. #+begin_src nix -networking.firewall.allowedTCPPorts = [ 25152 80 443 ]; -networking.firewall.allowedUDPPorts = [ 25152 80 443 ]; +networking.firewall.allowedTCPPorts = open_firewall_ports; +networking.firewall.allowedUDPPorts = open_firewall_ports; +networking.firewall.allowedTCPPortRanges = open_firewall_port_ranges; +networking.firewall.allowedUDPPortRanges = open_firewall_port_ranges; # networking.firewall.enable = false; #+end_src
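Review bot: After this change the "Open ports in the firewall" section no longer shows any port numbers, only the names `open_firewall_ports` and `open_firewall_port_ranges`, while its prose still advises listing which app each port belongs to. Someone auditing the host's exposure from this section now has to find the `let` block near the top of the file to see what is actually open. I would add one sentence to the section prose, such as `The port lists and the service each port belongs to are defined in the let block at the top of this file.`, so the mapping stays discoverable from here.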