nixbld: block more insecure devices

This commit is contained in:
Sebastien Bourdeauducq 2023-01-30 16:08:27 +08:00
parent 9dee7c1888
commit 30fa569bdc

View File

@ -134,6 +134,9 @@ in
iptables -w -N block-insecure-devices iptables -w -N block-insecure-devices
iptables -w -A block-insecure-devices -m mac --mac-source 00:20:0c:6c:ee:ba -j DROP # keysight SA iptables -w -A block-insecure-devices -m mac --mac-source 00:20:0c:6c:ee:ba -j DROP # keysight SA
iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:20:c1:5f -j DROP # siglent scope iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:20:c1:5f -j DROP # siglent scope
iptables -w -A block-insecure-devices -m mac --mac-source 00:0a:35:00:01:23 -j DROP # function generator
iptables -w -A block-insecure-devices -m mac --mac-source 74:5b:c5:21:f1:ee -j DROP # siglent scope #2
iptables -w -A block-insecure-devices -m mac --mac-source 00:19:af:5b:dd:58 -j DROP # power supply
iptables -w -A FORWARD -j block-insecure-devices iptables -w -A FORWARD -j block-insecure-devices
''; '';
extraStopCommands = '' extraStopCommands = ''