--- a/etc/shorewall/91.121.14.45/rules	Sun Aug 24 19:40:31 2008 +0200
+++ b/etc/shorewall/91.121.14.45/rules	Tue Aug 26 12:42:33 2008 +0200
@@ -6,18 +6,19 @@ HTTP/ACCEPT     net             $FW:${PU
 #
 # public1 -> net
 #
-DNS/ACCEPT      $FW             net
-HTTP/ACCEPT     $FW             net
-HTTPS/ACCEPT     $FW             net
-SSH/ACCEPT      $FW             net
-NTP/ACCEPT      $FW             net
-FTP/ACCEPT      $FW             net
-SMTP/ACCEPT      $FW             net
-Rsync/ACCEPT      $FW             net
+#ACCEPT      $FW             net
+#DNS/ACCEPT      $FW             net
+#HTTP/ACCEPT     $FW             net
+#HTTPS/ACCEPT     $FW             net
+#SSH/ACCEPT      $FW             net
+#NTP/ACCEPT      $FW             net
+#FTP/ACCEPT      $FW             net
+#SMTP/ACCEPT      $FW             net
+#Rsync/ACCEPT      $FW             net
 # rsync to farmpoker3d.pokersource.info
-ACCEPT          $FW             net             tcp     4873
+#ACCEPT          $FW             net             tcp     4873
 # git
-ACCEPT          $FW             net             tcp     9418
+#ACCEPT          $FW             net             tcp     9418
 # all http,https goes thru proxy (loic@dachary.org)
 DNAT            net             loc:$VSRV_PROXY      tcp     http,https     -       ${PUBLIC1:-.}
 ACCEPT          net             $FW:${VSRV_PROXY:-.}

--- a/etc/shorewall/policy	Sun Aug 24 19:40:31 2008 +0200
+++ b/etc/shorewall/policy	Tue Aug 26 12:42:33 2008 +0200
@@ -122,7 +122,8 @@ loc		all		REJECT		info
 # If you want open access to the Internet from your firewall, change the
 # $FW to net policy to ACCEPT and remove the 'info' LOG LEVEL.
 # This may be useful if you run a proxy server on the firewall.
-$FW		net		REJECT		info
+#$FW		net		REJECT		info
+$FW		net		ACCEPT
 $FW		loc		REJECT		info
 $FW		all		REJECT		info