firewall/ipt-gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add support for additional SMTP ports OUT.

Browse Source
This commit is contained in:
Christoph 2025-01-27 23:39:56 +01:00
parent 80bf02d7ad
commit c2d62b72bd
5 changed files with 81 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
conf/main_ipv4.conf.sample
View File

@ -837,6 +837,13 @@ mail_user_ports="$standard_mailuser_ports"
mail_smtp_port="$standard_smtp_port"
# Additional Ports for outgoing smtp traffic
#
# comma separated list of ports
#
smtpd_additional_outgoung_ports=""
# ======
# - FTP Service
# ======

7
conf/main_ipv6.conf.sample
View File

@ -809,6 +809,13 @@ mail_user_ports="$standard_mailuser_ports"
mail_smtp_port="$standard_smtp_port"
# Additional Ports for outgoing smtp traffic
#
# comma separated list of ports
#
smtpd_additional_outgoung_ports=""
# ======
# - FTP Service
# ======

21
conf/post_decalrations.conf
View File

@ -727,6 +727,27 @@ done
IFS="$CUR_IFS"
# ---
# Additional SMTP Outgoing Ports
# ---
declare -a smtpd_additional_outgoung_port_arr=()
CUR_IFS="$IFS"
IFS=',' ; for _port in $smtpd_additional_outgoung_ports ; do
if containsElement "${_port}" "${out_tcp_port_arr[@]}" ; then
continue
fi
smtpd_additional_outgoung_port_arr+=("${_port}")
if $allow_mail_request_out ; then
out_tcp_port_arr+=("$_port")
fi
done
IFS="$CUR_IFS"
# ---
# - FTP out only

23
ip6t-firewall-gateway
View File

@ -2630,6 +2630,29 @@ else
fi
# ---
# - Mail (additional smtp ports OUT)
# ---
echononl "\t\tMail (additional smtp ports OUT)"
if [[ ${#smtpd_additional_outgoung_port_arr[@]} -gt 0 ]] ; then
for _port in ${smtpd_additional_outgoung_port_arr[@]} ; do
for _dev in ${ext_if_arr[@]} ; do
$ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT
if $kernel_forward_between_interfaces ; then
$ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT
fi
done
done
echo_done
else
echo_skipped
fi
# ---
# - SMTP (Relay) Service Gateway
# ---

23
ipt-firewall-gateway
View File

@ -3402,6 +3402,29 @@ else
fi
# ---
# - Mail (additional smtp ports OUT)
# ---
echononl "\t\tMail (additional smtp ports OUT)"
if [[ ${#smtpd_additional_outgoung_port_arr[@]} -gt 0 ]] ; then
for _port in ${smtpd_additional_outgoung_port_arr[@]} ; do
for _dev in ${ext_if_arr[@]} ; do
$ipt -A OUTPUT -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT
if $kernel_activate_forwarding ; then
$ipt -A FORWARD -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT
fi
done
done
echo_done
else
echo_skipped
fi
# ---
# - SMTP (Relay) Service Gateway
# ---