From c2527a7f37034c85ed2f24fc825d33fd0f667e5b Mon Sep 17 00:00:00 2001
From: Sten Spans
Date: Tue, 30 Aug 2016 08:51:04 +0200
Subject: [PATCH] remove hash signs As requested by @ahupowerdns, to make copy-pasting easier.
---
 docs/markdown/recursor/performance.md | 65 +++++++++++++--------------
 1 file changed, 32 insertions(+), 33 deletions(-)
diff --git a/docs/markdown/recursor/performance.md b/docs/markdown/recursor/performance.md
index 22da72e361..cb935b43eb 100644
--- a/docs/markdown/recursor/performance.md
+++ b/docs/markdown/recursor/performance.md
@@ -22,25 +22,24 @@ To get the best out of the PowerDNS recursor, which is important if you are doin
 ```
 ## IPv4
-# iptables -t raw -I OUTPUT -p udp --dport 53 -j CT --notrack
-# iptables -t raw -I OUTPUT -p udp --sport 53 -j CT --notrack
-# iptables -t raw -I PREROUTING -p udp --dport 53 -j CT --notrack
-# iptables -t raw -I PREROUTING -p udp --sport 53 -j CT --notrack
-# iptables -I INPUT -p udp --dport 53 -j ACCEPT
-# iptables -I INPUT -p udp --sport 53 -j ACCEPT
-# iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
-# iptables -I OUTPUT -p udp --sport 53 -j ACCEPT
-
+iptables -t raw -I OUTPUT -p udp --dport 53 -j CT --notrack
+iptables -t raw -I OUTPUT -p udp --sport 53 -j CT --notrack
+iptables -t raw -I PREROUTING -p udp --dport 53 -j CT --notrack
+iptables -t raw -I PREROUTING -p udp --sport 53 -j CT --notrack
+iptables -I INPUT -p udp --dport 53 -j ACCEPT
+iptables -I INPUT -p udp --sport 53 -j ACCEPT
+iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
+iptables -I OUTPUT -p udp --sport 53 -j ACCEPT
 ## IPv6
-# ip6tables -t raw -I OUTPUT -p udp --dport 53 -j CT --notrack
-# ip6tables -t raw -I OUTPUT -p udp --sport 53 -j CT --notrack
-# ip6tables -t raw -I PREROUTING -p udp --sport 53 -j CT --notrack
-# ip6tables -t raw -I PREROUTING -p udp --dport 53 -j CT --notrack
-# ip6tables -I INPUT -p udp --dport 53 -j ACCEPT
-# ip6tables -I INPUT -p udp --sport 53 -j ACCEPT
-# ip6tables -I OUTPUT -p udp --dport 53 -j ACCEPT
-# ip6tables -I OUTPUT -p udp --sport 53 -j ACCEPT
+ip6tables -t raw -I OUTPUT -p udp --dport 53 -j CT --notrack
+ip6tables -t raw -I OUTPUT -p udp --sport 53 -j CT --notrack
+ip6tables -t raw -I PREROUTING -p udp --sport 53 -j CT --notrack
+ip6tables -t raw -I PREROUTING -p udp --dport 53 -j CT --notrack
+ip6tables -I INPUT -p udp --dport 53 -j ACCEPT
+ip6tables -I INPUT -p udp --sport 53 -j ACCEPT
+ip6tables -I OUTPUT -p udp --dport 53 -j ACCEPT
+ip6tables -I OUTPUT -p udp --sport 53 -j ACCEPT
 ```
@@ -48,24 +47,24 @@ When using FirewallD (Centos 7+ / RedHat 7+ / Fedora 21+) connection tracking ca
 The settings can be made permanent by using the --permanent flag.
 ```
 ## IPv4
-# firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --dport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --sport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --dport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --sport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --sport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --dport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --sport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --dport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --sport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --dport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --sport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --sport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --dport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --sport 53 -j ACCEPT
 ## IPv6
-# firewall-cmd --direct --add-rule ipv6 raw OUTPUT 0 -p udp --dport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv6 raw OUTPUT 0 -p udp --sport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv6 raw PREROUTING 0 -p udp --dport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv6 raw PREROUTING 0 -p udp --sport 53 -j CT --notrack
-# firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p udp --dport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p udp --sport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -p udp --dport 53 -j ACCEPT
-# firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -p udp --sport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv6 raw OUTPUT 0 -p udp --dport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv6 raw OUTPUT 0 -p udp --sport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv6 raw PREROUTING 0 -p udp --dport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv6 raw PREROUTING 0 -p udp --sport 53 -j CT --notrack
+firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p udp --dport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p udp --sport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -p udp --dport 53 -j ACCEPT
+firewall-cmd --direct --add-rule ipv6 filter OUTPUT 0 -p udp --sport 53 -j ACCEPT
 ```
-- 
2.47.2