~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
local.m4: Promote the NTP server configuration to a proper variable.
[firewall] / radius.m4
diff --git a/radius.m4 b/radius.m4
index b88293f..75a7700 100644 (file)
--- a/radius.m4
+++ b/radius.m4
@@ -31,7 +31,7 @@ setconf(log_martians, 0)
 ###--------------------------------------------------------------------------
 ### Network interfaces.
 
-m4_divert(44)m4_dnl
+m4_divert(28)m4_dnl
 ## Interface definitions.
 if_dmz=eth0
 if_trusted=eth1
@@ -46,7 +46,7 @@ m4_divert(-1)
 ###--------------------------------------------------------------------------
 ### radius-specific rules.
 
-m4_divert(82)m4_dnl
+m4_divert(84)m4_dnl
 ## Externally visible services.
 allowservices inbound tcp \
        ident \
@@ -71,6 +71,10 @@ run iptables -A inbound -j ACCEPT \
 ## Other interesting things.
 dnsresolver inbound
 
+## IPv6 6-in-4 tunnel.
+run iptables -A inbound -j ACCEPT \
+       -p $proto_ipv6 -s 216.66.80.26
+
 ## NAT for RFC1918 addresses.
 for i in PREROUTING OUTPUT POSTROUTING; do
   run iptables -t nat -P $i ACCEPT 2>/dev/null || :
Firewall scripts for distorted.org.uk.