{ config, lib, pkgs, ... }:

let
 firewallcfg = config.machine.firewall;
in {
  networking = {
    hostName = config.machine.hostName;

    firewall = {
      enable = true;
      allowPing = firewallcfg.allowPing;
      allowedUDPPorts = firewallcfg.allowedUDPPorts;
      allowedTCPPorts = firewallcfg.allowedTCPPorts;
      allowedUDPPortRanges = firewallcfg.allowedUDPPortRanges;
      allowedTCPPortRanges = firewallcfg.allowedTCPPortRanges;
    };
  };
}