X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/blobdiff_plain/470e9d68205632c5fe9a073ae15b08887b17b117..HEAD:/src/plugins/firewall.sml

diff --git a/src/plugins/firewall.sml b/src/plugins/firewall.sml
index 642379d..4c10f24 100644
--- a/src/plugins/firewall.sml
+++ b/src/plugins/firewall.sml
@@ -212,7 +212,7 @@ fun generateFirewallConfig rules =
 	    let
 		val _ = SysWord.toInt (Posix.ProcEnv.uidToWord (Posix.SysDB.Passwd.uid (Posix.SysDB.getpwnam uname)))
 	    in
-		TextIO.output (tcp_inf, "proto tcp mod comment comment \"user:" ^ uname ^ "\" {\n");
+		TextIO.output (tcp_inf, "proto (tcp udp) mod comment comment \"user:" ^ uname ^ "\" {\n");
 		TextIO.output (tcp_inf, concat lines);
 		TextIO.output (tcp_inf, "\n}\n\n")
 	    end handle OS.SysErr _ => print ("Invalid user " ^ uname ^ " in firewall config, skipping.\n") (* no sense in opening ports for bad users *)
@@ -221,7 +221,7 @@ fun generateFirewallConfig rules =
 	    let
 		val uid = SysWord.toInt (Posix.ProcEnv.uidToWord (Posix.SysDB.Passwd.uid (Posix.SysDB.getpwnam uname)))
 	    in
-		TextIO.output (tcp_outf, "mod owner uid-owner " ^ (Int.toString uid) ^ " mod comment comment \"user:" ^ uname ^ "\" proto tcp {\n");
+		TextIO.output (tcp_outf, "mod owner uid-owner " ^ (Int.toString uid) ^ " mod comment comment \"user:" ^ uname ^ "\" proto (tcp udp) {\n");
 		TextIO.output (tcp_outf, concat lines);
 		TextIO.output (tcp_outf, "\nDROP;\n}\n\n")
 	    end handle OS.SysErr _ => print ("Invalid user " ^ uname ^ " in firewall config, skipping.\n")