From: Mark Wooding <mdw@distorted.org.uk>
Date: Mon, 30 May 2022 14:36:49 +0000 (+0100)
Subject: fender.m4, ibanez.m4, vampire.m4: Invoke `footables' via `run'.
X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/commitdiff_plain/4942d7c1381f147b6c1f06e035d710e29b45dae0

fender.m4, ibanez.m4, vampire.m4: Invoke `footables' via `run'.
---

diff --git a/fender.m4 b/fender.m4
index 00375a2..07a441d 100644
--- a/fender.m4
+++ b/fender.m4
@@ -34,13 +34,13 @@ allowservices inbound tcp \
 ntpclient inbound $ntp_servers
 
 ## Provide NTP service to untrusted clients.
-iptables -A inbound -p udp -j ACCEPT \
+run iptables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 172.29.198.0/23
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:ba8:1d9::/48
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:8b0:c92::/48
 
diff --git a/ibanez.m4 b/ibanez.m4
index 617200b..d70b46e 100644
--- a/ibanez.m4
+++ b/ibanez.m4
@@ -36,13 +36,13 @@ allowservices inbound udp \
 ntpclient inbound $ntp_servers
 
 ## Provide NTP service to untrusted clients.
-iptables -A inbound -p udp -j ACCEPT \
+run iptables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 172.29.198.0/23
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:ba8:1d9::/48
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:8b0:c92::/48
 
diff --git a/vampire.m4 b/vampire.m4
index bb91c7c..48d25b3 100644
--- a/vampire.m4
+++ b/vampire.m4
@@ -63,13 +63,13 @@ dnsserver inbound
 ntpclient inbound $ntp_servers
 
 ## Provide NTP service to untrusted clients.
-iptables -A inbound -p udp -j ACCEPT \
+run iptables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 172.29.198.0/23
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:ba8:1d9::/48
-ip6tables -A inbound -p udp -j ACCEPT \
+run ip6tables -A inbound -p udp -j ACCEPT \
 	--source-port 123 --destination-port 123 \
 	-s 2001:8b0:c92::/48