From 4f8c198960217f631e0fcb20e8615fc93c3d1da2 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Sat, 28 Feb 2015 12:43:49 +0000
Subject: [PATCH] local.m4: Reinstate detailed filtering from scary networks.

This got lost when I split scary out of untrusted.  Oops.
---
 local.m4 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/local.m4 b/local.m4
index 59ab342..7e7ad15 100644
--- a/local.m4
+++ b/local.m4
@@ -370,6 +370,7 @@ openports inbound
 
 ## Inspect inbound packets from untrusted sources.
 run ip46tables -A inbound -j forbidden
+run ip46tables -A INPUT -m mark --mark $from_scary/$MASK_FROM -g inbound
 run ip46tables -A INPUT -m mark --mark $from_untrusted/$MASK_FROM -g inbound
 
 ## Allow responses from the scary outside world into the untrusted net, but
-- 
2.11.0