From 30fa569bdc9921e7689d8022497c1b8ff440d765 Mon Sep 17 00:00:00 2001
From: Sebastien Bourdeauducq <sb@m-labs.hk>
Date: Mon, 30 Jan 2023 16:08:27 +0800
Subject: [PATCH] nixbld: block more insecure devices

---
 nixbld-etc-nixos/configuration.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix
index 7f7331e..dc05151 100644
--- a/nixbld-etc-nixos/configuration.nix
+++ b/nixbld-etc-nixos/configuration.nix
@@ -134,6 +134,9 @@ in
         iptables -w -N block-insecure-devices
         iptables -w -A block-insecure-devices -m mac --mac-source 00:20:0c:6c:ee:ba -j DROP  # keysight SA
         iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:20:c1:5f -j DROP  # siglent scope
+        iptables -w -A block-insecure-devices -m mac --mac-source 00:0a:35:00:01:23 -j DROP  # function generator
+        iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:21:f1:ee -j DROP  # siglent scope #2
+        iptables -w -A block-insecure-devices -m mac --mac-source 00:19:af:5b:dd:58 -j DROP  # power supply
         iptables -w -A FORWARD -j block-insecure-devices
       '';
       extraStopCommands = ''