rewrite networking modules

modules/net/firewall.nix

@@ -0,0 +1,40 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  config = {
+    networking = {
+      firewall = {
+        enable = true;
+        allowedTCPPorts = [
+          # ssh
+          22
+
+          # http, https
+          80
+          443
+
+          # syncthing
+          22000
+
+          # mumble
+          64738
+        ];
+        allowedUDPPorts = [
+          8080
+
+          # other
+          12333
+
+          # syncthing discovery
+          21027
+
+          # mumble
+          64738
+        ];
+      };
+    };
+  };
+}