From f115b3cc9c8f24e479aca476e3ab2915e9b4addc Mon Sep 17 00:00:00 2001
From: Gardouille <gardouille@gmail.com>
Date: Sat, 10 Oct 2015 01:42:21 +0200
Subject: [PATCH] Firewall: Add a rule for HP printers on port 9100

---
 firewall | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/firewall b/firewall
index 2182815..0387ce3 100755
--- a/firewall
+++ b/firewall
@@ -200,9 +200,12 @@ fw_start() {
     $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 22 -m state --state NEW -m comment --comment "SSH out"
   fi
 
-  #### Mail (rapport d'erreur, ...)
+  #### Mail SMTP
+  ## Port 465 (SMTPS SSL) is deprecated)
   $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 25 -m state --state NEW -m comment --comment "SMTP out"
-  $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 587 -m state --state NEW -m comment --comment "SMTPS out"
+  $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 587 -m state --state NEW -m comment --comment "SMTP TLS out"
+
+  #### Mail IMPA
   $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 143 -m state --state NEW -m comment --comment "IMAP out"
   $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 993 -m state --state NEW -m comment --comment "IMAPS out"
 
@@ -264,6 +267,8 @@ fw_start() {
   if [ $(command -v cupsd) ]; then
     #### Printers
     $IPT -A OUTPUT -j ACCEPT -p udp -o "${ILAN}" -s "${IPLAN}" --dport 161 -m state --state NEW -m comment --comment "SNMP OUT"
+    #### HP Printers
+    $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" -s "${IPLAN}" --dport 9100 -m state --state NEW -m comment --comment "HP printer OUT"
   fi
 
 }
@@ -302,7 +307,7 @@ fw_log() {
 # Arrêt du firewall
 fw_stop() {
   # Supprimer une route ajouter automatiquement
-  ip route del 169.254.0.0/16
+  #ip route del 169.254.0.0/16
   # Vider les tables actuelles
   $IPT -t filter -F
   # Vider les règles personnelles