X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/42dae9aeec781a3f02a87673e7b64d20facb9659..401b8357d090cef33a394d08ab7794a0d2a73700:/bookends.m4

diff --git a/bookends.m4 b/bookends.m4
index b51f8ae..b29047b 100644
--- a/bookends.m4
+++ b/bookends.m4
@@ -217,5 +217,17 @@ for chain in INPUT FORWARD; do
   run ip46tables -A $chain -g forbidden
 done
 
+## Allow stuff through unknown tables.
+for ip in ip ip6; do
+  for table in $(cat /proc/net/${ip}_tables_names); do
+    case $table in mangle | filter) continue ;; esac
+    ${ip}tables -nL -t $table |
+    sed -n '/^Chain \([^ ]\+\) (policy .*$/ s//\1/p ' |
+    while read chain; do
+      run ${ip}tables -t $table -P $chain ACCEPT
+    done
+  done
+done
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------