Forward missing Spamcontrolports.

2022-03-09 04:02:00 +01:00 · 2022-03-09 04:02:00 +01:00 · 52022cd6c7
commit 52022cd6c7
parent cdcb74ccac
2 changed files with 31 additions and 0 deletions
--- a/15
+++ b/15
@ -2377,6 +2377,21 @@ if [[ ${#mail_server_dmz_arr[@]} -gt 0 ]] ; then
   mail_port_arr+=("$mail_smtp_port")
   for _ip in "${!mail_server_dmz_arr[@]}"; do

+      if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then
+
+         # Razor2  (TCP Port 2703)
+         $ip6t -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 2703 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         # Pyzor (UDP Port 24441 or  TCP Port 24441 or both ?)
+         $ip6t -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 24441 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         $ip6t -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p udp --dport 24441 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+
+         # - DCC  (port udp:6277)
+         $ip6t -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p udp --dport 6277 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         # if DCC Server is running (port tcp:6277)
+         $ip6t -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 6277 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         $ip6t -A FORWARD -i ${mail_server_dmz_arr[$_ip]} -p tcp --dport 6277 -d $_ip -m conntrack --ctstate NEW -j ACCEPT
+      fi
+
      # - Skip if no interface is given
      # -
      if [[ -z "${mail_server_dmz_arr[$_ip]}" ]] ; then
--- a/16
+++ b/16
@ -3098,6 +3098,22 @@ if [[ ${#mail_server_dmz_arr[@]} -gt 0 ]] ; then
   mail_port_arr+=("$mail_smtp_port")
   for _ip in "${!mail_server_dmz_arr[@]}"; do

+      if $kernel_activate_forwarding && ! $permit_local_net_to_inet ; then
+
+         # Razor2  (TCP Port 2703)
+         $ipt -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 2703 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         # Pyzor (UDP Port 24441 or  TCP Port 24441 or both ?)
+         $ipt -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 24441 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         $ipt -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p udp --dport 24441 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+
+         # - DCC  (port udp:6277)
+         $ipt -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p udp --dport 6277 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         # if DCC Server is running (port tcp:6277)
+         $ipt -A FORWARD -o ${mail_server_dmz_arr[$_ip]} -p tcp --dport 6277 -s $_ip -m conntrack --ctstate NEW -j ACCEPT
+         $ipt -A FORWARD -i ${mail_server_dmz_arr[$_ip]} -p tcp --dport 6277 -d $_ip -m conntrack --ctstate NEW -j ACCEPT
+      fi
+
+
      # - Skip if no interface is given
      # -
      if [[ -z "${mail_server_dmz_arr[$_ip]}" ]] ; then