From 29a9e571a23dd5d66b30b67af207b53bf132bb4c Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Wed, 1 Apr 2015 19:38:19 +0100
Subject: [PATCH] jem.m4, vampire.m4: Cull some external services.

jem never provided externally facing email.  vampire used to, but
doesn't any more.  It also doesn't provide a slew of other random
services.  Block them all.
---
 jem.m4     |  1 -
 vampire.m4 | 10 +---------
 2 files changed, 1 insertion(+), 10 deletions(-)

diff --git a/jem.m4 b/jem.m4
index a1e9f92..4a9f9c6 100644
--- a/jem.m4
+++ b/jem.m4
@@ -36,7 +36,6 @@ iptables -A inbound -g sauce -m set --match-set sauce src || :
 allowservices inbound tcp \
 	ssh \
 	ident \
-	smtp submission \
 	imaps \
 	http https rsync \
 	git
diff --git a/vampire.m4 b/vampire.m4
index e016358..ed9bd9b 100644
--- a/vampire.m4
+++ b/vampire.m4
@@ -27,16 +27,8 @@
 m4_divert(86)m4_dnl
 ## Externally visible services.
 allowservices inbound tcp \
-	finger ident \
+	ident \
 	ssh \
-	smtp submission \
-	gnutella_svc \
-	ftp ftp_data \
-	rsync \
-	imaps \
-	disorder mpd \
-	http https squid \
-	git \
 	tor_public tor_directory i2p
 allowservices inbound udp \
 	tripe \
-- 
2.11.0