From 38ed9c11c9d14a1dfac3b4b3dbc97f5dc9a4b7ad Mon Sep 17 00:00:00 2001
From: Grant Slater <git@firefishy.com>
Date: Fri, 5 Jul 2013 11:14:37 +0100
Subject: [PATCH] Shorewall: BLACKLISTNEWONLY=Yes to No. Allow blocking of
 existing connections

---
 cookbooks/networking/templates/default/shorewall.conf.erb  | 2 +-
 cookbooks/networking/templates/default/shorewall6.conf.erb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cookbooks/networking/templates/default/shorewall.conf.erb b/cookbooks/networking/templates/default/shorewall.conf.erb
index 14e0779db..3ea0b71a2 100644
--- a/cookbooks/networking/templates/default/shorewall.conf.erb
+++ b/cookbooks/networking/templates/default/shorewall.conf.erb
@@ -117,7 +117,7 @@ MUTEX_TIMEOUT=60
 
 ADMINISABSENTMINDED=Yes
 
-BLACKLISTNEWONLY=Yes
+BLACKLISTNEWONLY=No
 
 DELAYBLACKLISTLOAD=No
 
diff --git a/cookbooks/networking/templates/default/shorewall6.conf.erb b/cookbooks/networking/templates/default/shorewall6.conf.erb
index 008fc6a9f..6f31ad6c8 100644
--- a/cookbooks/networking/templates/default/shorewall6.conf.erb
+++ b/cookbooks/networking/templates/default/shorewall6.conf.erb
@@ -101,7 +101,7 @@ MUTEX_TIMEOUT=60
 
 ADMINISABSENTMINDED=Yes
 
-BLACKLISTNEWONLY=Yes
+BLACKLISTNEWONLY=No
 
 MODULE_SUFFIX=ko
 
-- 
2.43.2