firewall: Drop support for blocking P2P protocols.

[people/pmueller/ipfire-2.x.git] / config / firewall / rules.pl

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index c0878059a5040c217d4a344e349f979a683afda6..25d01e0e38da2ca4889ca229936b4f5a7426b215 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -72,12 +72,9 @@ my %locationsettings = (
 );
 my %loaded_ipset_lists=();
 
-my @p2ps=();
-
 my $configfwdfw                = "${General::swroot}/firewall/config";
 my $configinput            = "${General::swroot}/firewall/input";
 my $configoutgoing  = "${General::swroot}/firewall/outgoing";
-my $p2pfile                    = "${General::swroot}/firewall/p2protocols";
 my $locationfile               = "${General::swroot}/firewall/locationblock";
 my $configgrp          = "${General::swroot}/fwhosts/customgroups";
 my $netsettings                = "${General::swroot}/ethernet/settings";
@@ -134,9 +131,6 @@ sub main {
                &buildrules(\%configfwdfw);
        }
 
-       # Load P2P block rules.
-       &p2pblock();
-
        # Load Location block rules.
        &locationblock();
 
@@ -656,23 +650,6 @@ sub time_convert_to_minutes {
        return ($hrs * 60) + $min;
 }
 
-sub p2pblock {
-       open(FILE, "<$p2pfile") or die "Unable to read $p2pfile";
-       my @protocols = ();
-       foreach my $p2pentry (<FILE>) {
-               my @p2pline = split(/\;/, $p2pentry);
-               next unless ($p2pline[2] eq "off");
-
-               push(@protocols, "--$p2pline[1]");
-       }
-       close(FILE);
-
-       run("$IPTABLES -F P2PBLOCK");
-       if (@protocols) {
-               run("$IPTABLES -A P2PBLOCK -m ipp2p @protocols -j DROP");
-       }
-}
-
 sub locationblock {
        # The LOCATIONBLOCK chain now gets flushed by the flush() function.