From 61e1585f054ee47cf78d21abed09769c9482efc4 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 3 Jul 2011 17:49:21 +0200
Subject: [PATCH] Drop reserved ports from the web GUI.

Recently, TCP/UDP ports 222 and 444 among others could not
be forwareded (DNAT) to another machine on the network.
This is unneccessary and now removed.
---
 config/rootfiles/core/50/filelists/files | 1 +
 html/cgi-bin/portfw.cgi                  | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/config/rootfiles/core/50/filelists/files b/config/rootfiles/core/50/filelists/files
index 9d3970772..034310c96 100644
--- a/config/rootfiles/core/50/filelists/files
+++ b/config/rootfiles/core/50/filelists/files
@@ -3,6 +3,7 @@ var/ipfire/langs/
 etc/rc.d/init.d/console
 usr/local/sbin/setup
 var/ipfire/graphs.pl
+srv/web/ipfire/cgi-bin/portfw.cgi
 srv/web/ipfire/cgi-bin/logs.cgi/log.dat
 usr/local/share/GeoIP/GeoIP.dat
 usr/share/hwdata/pci.ids
diff --git a/html/cgi-bin/portfw.cgi b/html/cgi-bin/portfw.cgi
index 5583fb88a..199682f44 100644
--- a/html/cgi-bin/portfw.cgi
+++ b/html/cgi-bin/portfw.cgi
@@ -1038,7 +1038,7 @@ sub disallowreserved
 {
 	# port 67 and 68 same for tcp and udp, don't bother putting in an array
 	my $msg = "";
-	my @tcp_reserved = (81,222,444);
+	my @tcp_reserved = ();
 	my $prt = $_[0]; # the port or range
 	my $ryn = $_[1]; # tells us whether or not it is a port range
 	my $prot = $_[2]; # protocol
-- 
2.39.2