### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
###--------------------------------------------------------------------------
-### Config settings.
-
-## This host isn't a router.
-setconf(forward, 0)
-
-## This host is involved in a routing asymmetry.
-setconf(rp_filter, 0)
-setconf(log_martians, 0)
-
-###--------------------------------------------------------------------------
### jem-specific rules.
-m4_divert(84)m4_dnl
+m4_divert(86)m4_dnl
## Set up the SAUCE sinbin. Unfortunately, ipset is a bit brittle. This
## isn't a completely critical part of the firewall security, so don't make
## this fail the entire script.
ssh \
ident \
smtp submission \
+ imaps \
http https \
- imaps
+ git
## Provide DNS resolution to local untrusted hosts.
for p in tcp udp; do
-p $p --destination-port $port_dns
done
+## Other interesting things.
+dnsresolver inbound
+
m4_divert(-1)
###----- That's all, folks --------------------------------------------------