From cb789d465f0bd13ecb63dce0f54f4be2506eb9b1 Mon Sep 17 00:00:00 2001
From: Mikhail Klementev <blame@dumpstack.io>
Date: Thu, 26 Dec 2019 17:42:58 +0000
Subject: [PATCH] Drop IPv6 output traffic by default

---
 networking.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/networking.nix b/networking.nix
index 7631180..08f907f 100644
--- a/networking.nix
+++ b/networking.nix
@@ -14,6 +14,9 @@ in {
   networking.firewall = {
     enable = true;
     extraCommands = ''
+      ip6tables -F OUTPUT
+      ip6tables -P OUTPUT DROP
+
       iptables -F OUTPUT
       iptables -P OUTPUT DROP