Ferm.conf syntax fixes

[hcoop/zz_old/debian/hcoop-firewall-config.git] / files / ferm.conf.hcoop

diff --git a/files/ferm.conf.hcoop b/files/ferm.conf.hcoop
index 12c90d7..500a573 100644 (file)
--- a/files/ferm.conf.hcoop
+++ b/files/ferm.conf.hcoop
@@ -31,7 +31,7 @@ table filter {
        # system ports
        @include 'service.in.d/';
        @include 'local_ports_in.conf';
-       #@include 'users_tcp_in.conf'
+       @include 'users_tcp_in.conf';
     }
     chain OUTPUT {
         policy DROP;
@@ -47,6 +47,7 @@ table filter {
        proto tcp dport 1235 ACCEPT;
 
        proto (tcp udp) dport ( kerberos afs3-fileserver afs3-callback afs3-prserver afs3-vlserver afs3-volser afs3-errors afs3-bos ) ACCEPT;
+       proto tcp dport kerberos-adm ACCEPT;
 
        proto (tcp udp) dport ntp ACCEPT;
        proto (tcp udp) dport domain ACCEPT;
@@ -56,7 +57,7 @@ table filter {
 
        @include 'service.out.d/';
        @include 'local_ports_out.conf';
-       #include 'users_tcp_out.conf'
+       @include 'users_tcp_out.conf';
     }
     chain FORWARD {
         policy DROP;
@@ -67,7 +68,7 @@ table filter {
     }
 }
 
-#include 'user_chains.conf'
+@include 'user_chains.conf';
 
 # IPv6:
 #domain ip6 {