Is it possible to implement the equivalent of the following Puppet in NixOS's configuration.nix, without using networking.firewall.extraCommands?
firewall { '200 limit incoming SSH connections to 6 per minute':
  dport     => 22,
  proto     => tcp,
  recent    => update,
  rseconds  => 60,
  rhitcount => 6,
  rname     => 'SSH',
  rsource   => true,
  action    => drop,
} -> firewall { '201 allow incoming SSH connections':
  dport   => 22,
  proto   => tcp,
  recent  => set,
  rname   => 'SSH',
  rsource => true,
  action  => accept,
}