X-Git-Url: http://git.squeep.com/?p=firewall-squeep;a=blobdiff_plain;f=router.sh;fp=router.sh;h=7b2c5ad1b228e9c4805a405db795cefed1e4d235;hp=b45d988dbb46fd412fc66d4562c037f9d9658d09;hb=3d7987337f881e38e8537233959c78054147e737;hpb=c52c7a2afd3178fc24d812e3a1e7692f8b052aff
diff --git a/router.sh b/router.sh
index b45d988..7b2c5ad 100755
--- a/router.sh
+++ b/router.sh
@@ -201,11 +201,7 @@ $IPTABLES -t nat -A POSTROUTING -o ${EXT_IF} -j SNAT --to ${EXT}
 # accept internal network traffic
 $IPTABLES -A INPUT -i ${INT_IF} -j ACCEPT
-# accept list of external ports
-$IPTABLES -A INPUT -i ${EXT_IF} -p tcp -m set --match-set allowed_tcp dst -j ACCEPT
-$IPTABLES -A INPUT -i ${EXT_IF} -p udp -m set --match-set allowed_udp dst -j ACCEPT
-$IP6TABLES -A INPUT -i ${EXT6_IF} -p tcp -m set --match-set allowed_tcp dst -j ACCEPT
-$IP6TABLES -A INPUT -i ${EXT6_IF} -p udp -m set --match-set allowed_udp dst -j ACCEPT
+./services ${EXT_IF} ${EXT6_IF}
 # load rules
 # inserts, so stack order matters
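Review bot: The added `./services ${EXT_IF} ${EXT6_IF}` line resolves the helper against the caller's working directory, so a firewall script that presumably runs as root executes whatever file named `services` sits in that directory, or nothing at all when started from an init or cron context. The call is also unchecked and unquoted: if the helper is missing or fails, the external-port rules are silently never loaded, and an empty `EXT6_IF` shifts the argument list instead of arriving as an empty second argument. I would anchor the path to the script and stop on failure, e.g. `"$(dirname -- "$0")/services" "${EXT_IF}" "${EXT6_IF}" || exit 1`, with a short comment saying the helper installs the `allowed_tcp`/`allowed_udp` accept rules that used to be inline here. Whether the script changes into its own directory or sets `set -e` earlier is not visible in this hunk, and the helper only sees `$IPTABLES`/`$IP6TABLES` if they are exported, which is worth confirming. The surrounding script continues outside the hunk.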