{ ... }: { networking = { firewall = { enable = true; interfaces = { tailscale0 = { allowedTCPPorts = [ 53 # DNS 80 # HTTP 443 # HTTPS ]; }; wireguard0 = { allowedTCPPorts = [ # 53 # DNS 80 # HTTP 443 # HTTPS 42420 # Vintage Story 25565 # Minecraft 1443 # Headscale DERP (tcp) 25 # Mailserver 143 # Mailserver 465 # Mailserver 587 # Mailserver 993 # Mailserver 4190 # Mailserver 4443 # Jitsi ]; allowedUDPPorts = [ # 53 # DNS (udp) 10000 # Jitsi Meet (udp) # 15636 # Enshrouded - Game # 15637 # Enshrouded - Query Port ]; }; }; }; }; }