From 572dd8469e6a31d0de9f862ab4f5d153d600253b Mon Sep 17 00:00:00 2001
From: Giovanni Pellerano <giovanni.pellerano@globaleaks.org>
Date: Thu, 14 Dec 2023 00:16:00 +0100
Subject: [PATCH] Revise firewall rules in relation to issue #3856

---
 debian/globaleaks.init | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/debian/globaleaks.init b/debian/globaleaks.init
index 9c92db74e1..e84d779f7e 100755
--- a/debian/globaleaks.init
+++ b/debian/globaleaks.init
@@ -118,15 +118,6 @@ network_sandboxing_start()
         return
     fi
 
-    iptables -m comment --comment "globaleaks" -t mangle -A PREROUTING -p tcp -m tcp --dport 8080 -j MARK --set-mark 1
-    ip6tables -m comment --comment "globaleaks" -t mangle -A PREROUTING -p tcp -m tcp --dport 8080 -j MARK --set-mark 1
-
-    iptables -m comment --comment "globaleaks" -t mangle -A PREROUTING -p tcp -m tcp --dport 8443 -j MARK --set-mark 1
-    ip6tables -m comment --comment "globaleaks" -t mangle -A PREROUTING -p tcp -m tcp --dport 8443 -j MARK --set-mark 1
-
-    iptables -m comment --comment "globaleaks" -A INPUT -m mark --mark 1 -j REJECT
-    ip6tables -m comment --comment "globaleaks" -A INPUT -m mark --mark 1 -j REJECT
-
     if [[ "$REACHABLE_VIA_WEB" -eq "1" ]]; then
         iptables -m comment --comment "globaleaks" -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
         ip6tables -m comment --comment "globaleaks" -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080