From 4324dceddc50fcf948797462b183af3cbc3eed11 Mon Sep 17 00:00:00 2001
From: Rouven Seifert <rouven@rfive.de>
Date: Tue, 14 Nov 2023 14:00:22 +0100
Subject: [PATCH] firewall: stop logging every refused connection

---
 hosts/quitte/network.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/hosts/quitte/network.nix b/hosts/quitte/network.nix
index 0148ec2..a194b4e 100644
--- a/hosts/quitte/network.nix
+++ b/hosts/quitte/network.nix
@@ -20,7 +20,10 @@ in
     useNetworkd = true;
     nftables.enable = true;
 
-    firewall.allowedUDPPorts = [ wireguard_port ];
+    firewall = {
+      allowedUDPPorts = [ wireguard_port ];
+      logRefusedConnections = false;
+    };
     wireguard.enable = true;
   };