{ config, lib, ... }:

with lib;

let
  cfg = config.settings.hardware.firewall;
in {
  options = {
    settings.hardware.firewall.enable = lib.mkOption {
      type = lib.types.bool;
      description = ''
        Enable firewall
      '';
    };
  };

  config = mkIf cfg.enable {
    networking.firewall = {
      enable = true;
      allowedTCPPorts = [ ];
      allowedUDPPorts = [ ];
    };
  };
}