From: Mark Wooding <mdw@distorted.org.uk>
Date: Tue, 11 Dec 2012 09:33:04 +0000 (+0000)
Subject: numbers.m4, vampire.m4: Expose print server to local untrusted hosts.
X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/commitdiff_plain/2d2c8f25b5538bb41669c2a1d59fd13bba615d49

numbers.m4, vampire.m4: Expose print server to local untrusted hosts.

Let's hope they don't use up all of my paper.
---

diff --git a/numbers.m4 b/numbers.m4
index d5ab0c1..f39fa99 100644
--- a/numbers.m4
+++ b/numbers.m4
@@ -43,6 +43,7 @@ defport netbios_ssn 139
 defport https 443
 defport microsoft_ds 445
 defport syslog 514			# UDP only!
+defport lpd 515
 defport submission 587
 defport ipmi 623
 defport rsync 873
diff --git a/vampire.m4 b/vampire.m4
index 3fb9595..34d5fde 100644
--- a/vampire.m4
+++ b/vampire.m4
@@ -50,6 +50,7 @@ run ip6tables -A inbound -j inbound-untrusted -s $net_inet6_untrusted
 
 allowservices inbound-untrusted tcp \
 	dns \
+	lpd \
 	netbios_ssn microsoft_ds
 allowservices inbound-untrusted udp \
 	dns \