{
    return "" if $oidentd{status} eq "enabled";

    return <<'END_REJECT_IDENT';

     /sbin/iptables -A $NEW_InboundTCP --proto tcp --dport 113 \
	 --destination $OUTERNET \
	--jump REJECT \
	--reject-with tcp-reset

END_REJECT_IDENT
}


