~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
radius.m4: Allow IPv6 tunnel from Hurricane Electric UK endpoint.
[firewall] / bookends.m4
diff --git a/bookends.m4 b/bookends.m4
index 02f7859..ed5dcc7 100644 (file)
--- a/bookends.m4
+++ b/bookends.m4
@@ -68,8 +68,8 @@ if [ -x /sbin/brctl ]; then
 fi
 
 ## Turn on the reverse-path filter, and log weird things.
-setdevopt rp_filter 1
-setdevopt log_martians 1
+setdevopt rp_filter $rp_filter
+setdevopt log_martians $log_martians
 
 ## Turn off things which can mess with our routing decisions.
 setdevopt accept_source_route 0
@@ -144,11 +144,11 @@ m4_divert(90)m4_dnl
 
 m4_divert(94)m4_dnl
 ## Locally generated packets are all OK.
-run iptables -P OUTPUT ACCEPT
+run ip46tables -P OUTPUT ACCEPT
 
 ## Other incoming things are forbidden.
 for chain in INPUT FORWARD; do
-  run iptables -A $chain -g forbidden
+  run ip46tables -A $chain -g forbidden
 done
 
 m4_divert(-1)
Firewall scripts for distorted.org.uk.