mediaserver: drop no-op firewall rules, close unused DR forwards

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
rope 2026-06-11 10:00:02 +01:00
parent f65675bd80
commit 8dd70a2d9d
12 changed files with 8 additions and 37 deletions

View file

@ -45,8 +45,7 @@
};
};
# LAN DNS — router blocks WAN:53 so this is effectively LAN-only
networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [ 53 ];
# LAN clients reach :53 via the nftables "LAN trusted" rule in router.nix;
# WAN:53 is dropped there.
};
}