X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/07fa6792dc7093240022e6c7bc8ecd526fd18ac1..HEAD:/telecaster.m4

diff --git a/telecaster.m4 b/telecaster.m4
index 4e7c787..103d11b 100644
--- a/telecaster.m4
+++ b/telecaster.m4
@@ -29,16 +29,23 @@ m4_divert(86)m4_dnl
 allowservices inbound tcp \
 	ssh \
 	ident \
-	ftp ftp_data \
+	smtp \
+	ftp ftps \
 	rsync \
 	http https squid ssquid
 
+allowservices inbound-untrusted tcp \
+	sunrpc mount nfs
+allowservices inbound-untrusted udp \
+	sunrpc mount nfs
+
 run iptables -A inbound -j ACCEPT \
 	-p udp --destination-port $port_icp \
 	-m limit --limit 10/second --limit-burst 100
 
 ## Other interesting things.
 dnsresolver inbound
+dnsserver inbound
 
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------