Merge branch 'master' of git.distorted.org.uk:~mdw/publish/public-git/firewall

* 'master' of git.distorted.org.uk:~mdw/publish/public-git/firewall:
  jazz.m4, numbers.m4: Allow Privoxy access to SGO VPN.
  local.m4: Update external NTP servers.

diff --git a/jazz.m4 b/jazz.m4
index 2ec398e..af494e3 100644 (file)
--- a/jazz.m4
+++ b/jazz.m4
@@ -39,6 +39,9 @@ allowservices inbound udp \
 ## Other interesting things.
 dnsresolver inbound
 dnsserver inbound
+ip46tables -A inbound -p tcp -j ACCEPT \
+       -m mark --mark $from_noloop/$MASK_FROM \
+       --destination-port $port_privoxy
 
 ## Temporary NAT for iodine tunnel.
 for i in PREROUTING OUTPUT POSTROUTING; do

diff --git a/local.m4 b/local.m4
index b3c5009..c0874c5 100644 (file)
--- a/local.m4
+++ b/local.m4
@@ -27,7 +27,7 @@
 m4_divert(6)m4_dnl
 ## Default NTP servers.
 defconf(ntp_servers,
-       "158.152.1.76 158.152.1.204 194.159.253.2 195.173.57.232")
+       "81.187.26.174 90.155.23.205 2001:8b0:0:23::205 185.73.44.6 2001:ba8:0:2c06::")
 
 m4_divert(-1)
 ###--------------------------------------------------------------------------

diff --git a/numbers.m4 b/numbers.m4
index 4dbaf86..456ff84 100644 (file)
--- a/numbers.m4
+++ b/numbers.m4
@@ -62,6 +62,7 @@ defport postgresql 5432
 defport gnutella_svc 6346
 defport mpd 6600
 defport irc 6667
+defport privoxy 8118
 defport tor_public 9001
 defport tor_directory 9030
 defport git 9418