Add support for XMPP (Jabber Prosody) Service
This commit is contained in:
ckubu
parent
eaf4fb9a40
commit
1b35830610
@ -298,6 +298,31 @@ forward_ftp_server_ips=""
|
||||
ftp_passive_port_range="50000:50400"
|
||||
|
||||
|
||||
# - XMPP Service (Jabber - Prosody)
|
||||
# -
|
||||
xmpp_server_ips=""
|
||||
forward_xmpp_server_ips=""
|
||||
|
||||
# - Ports used by XMpp (Prosody) service
|
||||
# -
|
||||
# - 5222 eingehend, für Client-Verbindungen unverschlüsselt oder TLS-verschlüsselt
|
||||
# - 5223 eingehend, für SSL-verschlüsselte Clientverbindungen (veraltet)
|
||||
# - 5269 ein- und ausgehend, für Verbindungen zu anderen Servern
|
||||
# -
|
||||
# - WebSocket (support is provided by mod_websocket)
|
||||
# - 5280 eingehend, für Client-Verbindungen über HTTP-Polling (nützlich für Webapplikationen)
|
||||
# -
|
||||
xmmp_tcp_in_ports="5222 5223 5269"
|
||||
xmmp_tcp_out_ports="5269"
|
||||
|
||||
# - XMPP Remote Dovecote Out Service
|
||||
# -
|
||||
# - Example:
|
||||
# - xmmp_remote_out_services="192.68.11.81:44444 83.223.86.91:44444"
|
||||
# -
|
||||
xmmp_remote_out_services=""
|
||||
|
||||
|
||||
# - Mumble Server
|
||||
# -
|
||||
mumble_server_ips=""
|
||||
|
||||
@ -317,6 +317,34 @@ forward_ftp_server_ips=""
|
||||
ftp_passive_port_range="50000:50400"
|
||||
|
||||
|
||||
# - XMPP Service (Jabber - Prosody)
|
||||
# -
|
||||
xmpp_server_ips=""
|
||||
forward_xmpp_server_ips=""
|
||||
|
||||
# - Ports used by XMpp (Prosody) service
|
||||
# -
|
||||
# - 5222 eingehend, für Client-Verbindungen unverschlüsselt oder TLS-verschlüsselt
|
||||
# - 5223 eingehend, für SSL-verschlüsselte Clientverbindungen (veraltet)
|
||||
# - 5269 ein- und ausgehend, für Verbindungen zu anderen Servern
|
||||
# -
|
||||
# - WebSocket (support is provided by mod_websocket)
|
||||
# - 5280 eingehend, für Client-Verbindungen über HTTP-Polling (nützlich für Webapplikationen)
|
||||
# -
|
||||
xmmp_tcp_in_ports="5222 5223 5269"
|
||||
xmmp_tcp_out_ports="5269"
|
||||
|
||||
# - XMPP Remote Dovecote Out Service
|
||||
# -
|
||||
# - Example:
|
||||
# - - xmmp_remote_out_services="
|
||||
# - 2a01:4f8:221:3b4e::247,44444
|
||||
# - 2a01:30:0:13:2f7:50ff:fed2:cef7,44444
|
||||
# - "
|
||||
# -
|
||||
xmmp_remote_out_services=""
|
||||
|
||||
|
||||
# - Mumble Server
|
||||
# -
|
||||
mumble_server_ips=""
|
||||
|
||||
@ -214,6 +214,28 @@ for _ip in $forward_smtpd_ips ; do
|
||||
forward_smtpd_ip_arr+=("$_ip")
|
||||
done
|
||||
|
||||
|
||||
# ---
|
||||
# - IP Addresses XMPP Service (Jabber - Prosody)
|
||||
# ---
|
||||
declare -a xmpp_server_ip_arr
|
||||
for _ip in $xmpp_server_ips ; do
|
||||
xmpp_server_ip_arr+=("$_ip")
|
||||
done
|
||||
|
||||
declare -a forward_xmpp_server_ip_arr
|
||||
for _ip in $forward_xmpp_server_ips ; do
|
||||
forward_xmpp_server_ip_arr+=("$_ip")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - XMPP Remote Dovecote Out Service
|
||||
# ---
|
||||
declare -a xmmp_remote_out_service_arr
|
||||
for _val in $xmmp_remote_out_services ; do
|
||||
xmmp_remote_out_service_arr+=("$_val")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - Mail Services (smtps/pop(s)/imap(s)
|
||||
# ---
|
||||
@ -308,6 +330,19 @@ for _port in $ssh_ports ; do
|
||||
ssh_port_arr+=("$_port")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - XMPP Service (Jabber - Prosody)
|
||||
# ---
|
||||
declare -a xmmp_tcp_in_port_arr
|
||||
for _port in $xmmp_tcp_in_ports ; do
|
||||
xmmp_tcp_in_port_arr+=("$_port")
|
||||
done
|
||||
|
||||
declare -a xmmp_tcp_out_port_arr
|
||||
for _port in $xmmp_tcp_out_ports ; do
|
||||
xmmp_tcp_out_port_arr+=("$_port")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - VPN Ports
|
||||
# ---
|
||||
|
||||
@ -1640,6 +1640,64 @@ fi
|
||||
#fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XMPP Service (Jabber)
|
||||
# ---
|
||||
|
||||
echononl "\t\tXMPP Service"
|
||||
|
||||
if [[ ${#xmpp_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_xmpp_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
|
||||
if [[ ${#xmpp_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
for _ip in ${xmpp_server_ip_arr[@]} ; do
|
||||
for _port in ${xmmp_tcp_in_port_arr[@]} ; do
|
||||
$ip6t -A INPUT -p tcp -d $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
|
||||
for _port in ${xmmp_tcp_out_port_arr[@]} ; do
|
||||
$ip6t -A OUTPUT -p tcp -s $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
if [[ ${#forward_xmpp_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
|
||||
for _ip in ${forward_xmpp_server_ip_arr[@]} ; do
|
||||
for _port in ${xmmp_tcp_in_port_arr[@]} ; do
|
||||
$ip6t -A FORWARD -p tcp -d $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
|
||||
for _port in ${xmmp_tcp_out_port_arr[@]} ; do
|
||||
$ip6t -A FORWARD -p tcp -s $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
fi
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XMPP Remote Dovecote Out Service
|
||||
# ---
|
||||
|
||||
echononl "\t\tXMPP Remote Dovecote Out Service"
|
||||
|
||||
if [[ ${#xmmp_remote_out_service_arr[@]} -gt 0 ]] ; then
|
||||
for _dev in "${ext_if_arr[@]}" ; do
|
||||
for _val in "${xmmp_remote_out_service_arr[@]}" ; do
|
||||
IFS=',' read -a _val_arr <<< "${_val}"
|
||||
$ip6t -A OUTPUT -o $_dev -p tcp -d ${_val_arr[0]} --dport ${_val_arr[1]} -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Mumble Service
|
||||
# ---
|
||||
|
||||
@ -1884,6 +1884,64 @@ fi
|
||||
#fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XMPP Service (Jabber)
|
||||
# ---
|
||||
|
||||
echononl "\t\tXMPP Service"
|
||||
|
||||
if [[ ${#xmpp_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_xmpp_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
|
||||
if [[ ${#xmpp_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
for _ip in ${xmpp_server_ip_arr[@]} ; do
|
||||
for _port in ${xmmp_tcp_in_port_arr[@]} ; do
|
||||
$ipt -A INPUT -p tcp -d $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
|
||||
for _port in ${xmmp_tcp_out_port_arr[@]} ; do
|
||||
$ipt -A OUTPUT -p tcp -s $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
if [[ ${#forward_xmpp_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
|
||||
for _ip in ${forward_xmpp_server_ip_arr[@]} ; do
|
||||
for _port in ${xmmp_tcp_in_port_arr[@]} ; do
|
||||
$ipt -A FORWARD -p tcp -d $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
|
||||
for _port in ${xmmp_tcp_out_port_arr[@]} ; do
|
||||
$ipt -A FORWARD -p tcp -s $_ip --dport $_port -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
fi
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XMPP Remote Dovecote Out Service
|
||||
# ---
|
||||
|
||||
echononl "\t\tXMPP Remote Dovecote Out Service"
|
||||
|
||||
if [[ ${#xmmp_remote_out_service_arr[@]} -gt 0 ]] ; then
|
||||
for _dev in "${ext_if_arr[@]}" ; do
|
||||
for _val in "${xmmp_remote_out_service_arr[@]}" ; do
|
||||
IFS=':' read -a _val_arr <<< "${_val}"
|
||||
$ipt -A OUTPUT -o $_dev -p tcp -d ${_val_arr[0]} --dport ${_val_arr[1]} -m state --state NEW -j ACCEPT
|
||||
done
|
||||
done
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Mumble Service
|
||||
# ---
|
||||
|
||||
Loading…
Reference in New Issue
Block a user