From 86c975b5410e71dd9ba9faf4cca909e70adea3a0 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 12 Feb 2012 01:52:29 +0000
Subject: [PATCH] bookends.m4: Open up tables we clobbered at exit.

Otherwise the `raw' table gets left dropping everything.  I've no idea
why this didn't actually break everything for ages.
---
 bookends.m4 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/bookends.m4 b/bookends.m4
index b51f8ae..b29047b 100644
--- a/bookends.m4
+++ b/bookends.m4
@@ -217,5 +217,17 @@ for chain in INPUT FORWARD; do
   run ip46tables -A $chain -g forbidden
 done
 
+## Allow stuff through unknown tables.
+for ip in ip ip6; do
+  for table in $(cat /proc/net/${ip}_tables_names); do
+    case $table in mangle | filter) continue ;; esac
+    ${ip}tables -nL -t $table |
+    sed -n '/^Chain \([^ ]\+\) (policy .*$/ s//\1/p ' |
+    while read chain; do
+      run ${ip}tables -t $table -P $chain ACCEPT
+    done
+  done
+done
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------
-- 
2.11.0