~mdw / firewall / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f0033e0)
vampire.m4: Extend services to untrusted hosts over IPv6.
authorMark Wooding <mdw@distorted.org.uk>
Sun, 11 Mar 2012 16:19:17 +0000 (16:19 +0000)
committerMark Wooding <mdw@distorted.org.uk>
Sun, 11 Mar 2012 16:39:20 +0000 (16:39 +0000)
vampire.m4 patch | blob | blame | history

diff --git a/vampire.m4 b/vampire.m4
index fa79ee2..b3257c7 100644 (file)
--- a/vampire.m4
+++ b/vampire.m4
@@ -47,8 +47,8 @@ allowservices inbound udp \
 
 ## Extend some services to local untrusted hosts.
 clearchain inbound-untrusted
-run iptables -A inbound -j inbound-untrusted \
-       -s 172.29.198.0/24
+run iptables -A inbound -j inbound-untrusted -s $net_inet_untrusted
+run ip6tables -A inbound -j inbound-untrusted -s $net_inet6_untrusted
 
 allowservices inbound-untrusted tcp \
        dns \
Firewall scripts for distorted.org.uk.