X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/401b8357d090cef33a394d08ab7794a0d2a73700..a4d8cae3892c13a32f941ef96b24eaa6930500cb:/base.m4

diff --git a/base.m4 b/base.m4
index 3a0172d..8968025 100644
--- a/base.m4
+++ b/base.m4
@@ -29,24 +29,29 @@ m4_changecom(<:##:>)
 ### Overall structure.
 ###
 ###  0	File header: shebang, do-not-edit warning.		[base]
-###  5	Configuration.						[config]
+###  4	Configuration.						[config]
+###  6	  Local settings.					[local]
 ### 10	Prologue: command-line parsing and failsafe.		[prologue]
 ### 20	Function definitions.					[functions]
-### 25	Port numbers etc.					[numbers]
+### 24	Port numbers etc.					[numbers]
+### 26	Networks, hosts and interfaces.				[local]
 ### 30	Initialization.						[bookends]
 ### 30	  Clear existing rules.					[bookends]
 ### 32	  Set safe IP options.					[bookends]
 ### 34	  Error chains.						[bookends]
-### 36	  Give loopback traffic a free pass.			[bookends]
 ### 38	  Utility chains.					[functions]
 ### 40	Address classification.					[classify]
 ### 42	  Definition of address class policies.			[local]
 ### 44	  Definition of interfaces and addresses.		[local]
 ### 46	  Handling of default interface.			[classify]
-### 50	ICMP filtering.						[icmp]
-### 52	  Local configuration.					[local]
-### 58	  Finally accept ICMP, hook onto INPUT and FORWARD.	[icmp]
-### 60	Local configuration.					[local]
+### 50	Packet filter.						[bookends]
+### 60	ICMP filtering.						[icmp]
+### 62	  Local configuration.					[local]
+### 68	  Finally accept ICMP, hook onto INPUT and FORWARD.	[icmp]
+### 80	Local configuration.					[local]
+### 84	  Locally bound packet inspection.			[local]
+### 86	  Per-host configuration.				[HOST]
+### 88	  Final filtering.					[local]
 ### 90	Finishing touches.					[bookends]
 ### 94	  Set final policies.					[bookends]
 ### 99	File footer: do-not-edit warning.			[base]