From 7654ccfd97f532359770795e873e6244dcebb113 Mon Sep 17 00:00:00 2001
From: Ivan Bushchik <ivabus@ivabus.dev>
Date: Sat, 9 Dec 2023 20:14:41 +0300
Subject: [PATCH] Allow outgoing pings

Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
---
 common/security.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/common/security.nix b/common/security.nix
index c7bbc90..1eac112 100644
--- a/common/security.nix
+++ b/common/security.nix
@@ -19,6 +19,9 @@
   boot.kernel.sysctl = {
     "kernel.sysrq" = 0;
 
+    # Yo, WTF?
+    "net.ipv4.ping_group_range" = "0 1000";
+
     # Picked from https://github.com/trimstray/the-practical-linux-hardening-guide/wiki/Network-stack
 
     "net.ipv4.icmp_ignore_bogus_error_responces" = 1;