update..
This commit is contained in:
@@ -260,6 +260,12 @@ samba_user:
|
|||||||
6631333038306462610a356535633265633563633962333137326533633834636331343562633765
|
6631333038306462610a356535633265633563633962333137326533633834636331343562633765
|
||||||
3631
|
3631
|
||||||
|
|
||||||
|
- name: carlotta
|
||||||
|
groups:
|
||||||
|
- buero
|
||||||
|
- beratung
|
||||||
|
password: '20_car-lotta.25%'
|
||||||
|
|
||||||
- name: cristina
|
- name: cristina
|
||||||
groups:
|
groups:
|
||||||
- buero
|
- buero
|
||||||
|
|||||||
3
hosts
3
hosts
@@ -41,7 +41,6 @@ gw-123.oopen.de
|
|||||||
gw-ah.oopen.de
|
gw-ah.oopen.de
|
||||||
gw-ak.oopen.de
|
gw-ak.oopen.de
|
||||||
gw-akb.oopen.de
|
gw-akb.oopen.de
|
||||||
172.16.82.2
|
|
||||||
gw-dissens.oopen.de
|
gw-dissens.oopen.de
|
||||||
gw-ebs.oopen.de
|
gw-ebs.oopen.de
|
||||||
gw-fm.oopen.de
|
gw-fm.oopen.de
|
||||||
@@ -495,7 +494,6 @@ gw-ak.oopen.de
|
|||||||
|
|
||||||
# AKB
|
# AKB
|
||||||
gw-akb.oopen.de
|
gw-akb.oopen.de
|
||||||
172.16.82.2
|
|
||||||
|
|
||||||
# Dissens
|
# Dissens
|
||||||
gw-dissens.oopen.de
|
gw-dissens.oopen.de
|
||||||
@@ -1888,7 +1886,6 @@ gw-elster.oopen.de
|
|||||||
gw-blkr.oopen.de
|
gw-blkr.oopen.de
|
||||||
gw-ak.oopen.de
|
gw-ak.oopen.de
|
||||||
gw-akb.oopen.de
|
gw-akb.oopen.de
|
||||||
172.16.82.2
|
|
||||||
gw-dissens.oopen.de
|
gw-dissens.oopen.de
|
||||||
gw-ckubu.local.netz
|
gw-ckubu.local.netz
|
||||||
gw-flr.oopen.de
|
gw-flr.oopen.de
|
||||||
|
|||||||
@@ -141,52 +141,62 @@
|
|||||||
# Add additional SMTP ports OUT
|
# Add additional SMTP ports OUT
|
||||||
# ---
|
# ---
|
||||||
|
|
||||||
- name: Check if String 'smtpd_additional_outgoung_ports..' (IPv4) is present
|
- name: Check if String 'allow_ipmi_request_in..' (IPv4) is present
|
||||||
shell: grep -q -E "^#?smtpd_additional_outgoung_ports=" /etc/ipt-firewall/main_ipv4.conf
|
shell: grep -q -E "^#?allow_ipmi_request_in=" /etc/ipt-firewall/main_ipv4.conf
|
||||||
register: smtpd_additional_outgoung_ports_ipv4_present
|
register: allow_ipmi_request_in_ipv4_present
|
||||||
when: main_ipv4_exists.stat.exists
|
when: main_ipv4_exists.stat.exists
|
||||||
failed_when: "smtpd_additional_outgoung_ports_ipv4_present.rc > 1"
|
failed_when: "allow_ipmi_request_in_ipv4_present.rc > 1"
|
||||||
changed_when: "smtpd_additional_outgoung_ports_ipv4_present.rc > 0"
|
changed_when: "allow_ipmi_request_in_ipv4_present.rc > 0"
|
||||||
|
|
||||||
- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (FreeIPA Service)
|
- name: Adjust file '/etc/ipt-firewall/main_ipv4.conf' (allow_ipmi_request_in)
|
||||||
blockinfile:
|
blockinfile:
|
||||||
path: /etc/ipt-firewall/main_ipv4.conf
|
path: /etc/ipt-firewall/main_ipv4.conf
|
||||||
insertafter: '^#?\s*mail_user_ports'
|
insertafter: '^#?\s*ipmi_tcp_ports='
|
||||||
block: |
|
block: |
|
||||||
|
# - Allow Access to IPMI Interfaces from outside
|
||||||
# Additional Ports for outgoing smtp traffic
|
# -
|
||||||
#
|
# - Note:
|
||||||
# blank separated list of ports
|
# - In addition, ports
|
||||||
#
|
# -
|
||||||
smtpd_additional_outgoung_ports=""
|
# - TCP :443, 3520, 5900
|
||||||
marker: "# Marker set by modify-ipt-gateway.yml (FreeIPA Service)"
|
# - UDP: 623
|
||||||
|
# -
|
||||||
|
# - must be forwarded to the IP address of the IPMI network interface in the router (e.g., Fritzbox).
|
||||||
|
# -
|
||||||
|
allow_ipmi_request_in=false
|
||||||
|
marker: "# Marker set by modify-ipt-gateway.yml (allow_ipmi_request_in)"
|
||||||
when:
|
when:
|
||||||
- main_ipv4_exists.stat.exists
|
- main_ipv4_exists.stat.exists
|
||||||
- smtpd_additional_outgoung_ports_ipv4_present is changed
|
- allow_ipmi_request_in_ipv4_present is changed
|
||||||
|
|
||||||
|
|
||||||
- name: Check if String 'smtpd_additional_outgoung_ports..' (IPv6) is present
|
- name: Check if String 'allow_ipmi_request_in..' (IPv6) is present
|
||||||
shell: grep -q -E "^#?smtpd_additional_outgoung_ports=" /etc/ipt-firewall/main_ipv6.conf
|
shell: grep -q -E "^#?allow_ipmi_request_in=" /etc/ipt-firewall/main_ipv6.conf
|
||||||
register: smtpd_additional_outgoung_ports_ipv6_present
|
register: allow_ipmi_request_in_ipv6_present
|
||||||
when: main_ipv6_exists.stat.exists
|
when: main_ipv6_exists.stat.exists
|
||||||
failed_when: "smtpd_additional_outgoung_ports_ipv6_present.rc > 1"
|
failed_when: "allow_ipmi_request_in_ipv6_present.rc > 1"
|
||||||
changed_when: "smtpd_additional_outgoung_ports_ipv6_present.rc > 0"
|
changed_when: "allow_ipmi_request_in_ipv6_present.rc > 0"
|
||||||
|
|
||||||
- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (FreeIPA Service)
|
- name: Adjust file '/etc/ipt-firewall/main_ipv6.conf' (allow_ipmi_request_in)
|
||||||
blockinfile:
|
blockinfile:
|
||||||
path: /etc/ipt-firewall/main_ipv6.conf
|
path: /etc/ipt-firewall/main_ipv6.conf
|
||||||
insertafter: '^#?\s*mail_user_ports='
|
insertafter: '^#?\s*ipmi_tcp_ports='
|
||||||
block: |
|
block: |
|
||||||
|
# - Allow Access to IPMI Interfaces from outside
|
||||||
# Additional Ports for outgoing smtp traffic
|
# -
|
||||||
#
|
# - Note:
|
||||||
# blank separated list of ports
|
# - In addition, ports
|
||||||
#
|
# -
|
||||||
smtpd_additional_outgoung_ports=""
|
# - TCP :443, 3520, 5900
|
||||||
marker: "# Marker set by modify-ipt-gateway.yml (FreeIPA Service)"
|
# - UDP: 623
|
||||||
|
# -
|
||||||
|
# - must be forwarded to the IP address of the IPMI network interface in the router (e.g., Fritzbox).
|
||||||
|
# -
|
||||||
|
allow_ipmi_request_in=false
|
||||||
|
marker: "# Marker set by modify-ipt-gateway.yml (allow_ipmi_request_in)"
|
||||||
when:
|
when:
|
||||||
- main_ipv6_exists.stat.exists
|
- main_ipv6_exists.stat.exists
|
||||||
- smtpd_additional_outgoung_ports_ipv6_present is changed
|
- allow_ipmi_request_in_ipv6_present is changed
|
||||||
|
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
|
|||||||
Reference in New Issue
Block a user