1 files changed, 36 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix
index c76e151..617a042 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -47,6 +47,42 @@
   networking = {
     domain = "loang.net";
     hostName = "brno";
+
+    nftables = {
+      enable = true;
+      ruleset = ''
+        table inet filter {
+          # https://openai.com/gptbot-ranges.txt
+          set gptbot_ipv4 {
+            type ipv4_addr
+            flags interval
+            elements = {
+              20.15.240.64/28,
+              20.15.240.80/28,
+              20.15.240.96/28,
+              20.15.240.176/28,
+              20.15.241.0/28,
+              20.15.242.128/28,
+              20.15.242.144/28,
+              20.15.242.192/28,
+              40.83.2.64/28
+            }
+          }
+
+          chain output {
+            type filter hook output priority 0
+            policy accept
+            ip daddr @gptbot_ipv4 counter reject
+          }
+
+          chain input {
+            type filter hook output priority 0
+            policy accept
+            ip saddr @gptbot_ipv4 counter reject
+          }
+        }
+      '';
+    };
   };
 
   security.sudo = {