Add file 'conf/default_ports.conf'. Remove file 'conf/ports.conf'.

2019-06-30 15:29:07 +02:00
parent b3347d273d
commit 57d09ba98d
6 changed files with 304 additions and 178 deletions
--- a/conf/default_ports.conf
+++ b/conf/default_ports.conf
@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+
+# -------------
+# --- Default Ports for Services out
+# -------------
+
+standard_checkmk_port=6556
+standard_cpan_wait_port=1404
+standard_cups_port=$standard_ipp_port
+standard_dns_port=53
+standard_ftp_port=21
+standard_ftp_data_port=20
+standard_git_port=9418
+standard_hbci_port=3000
+standard_http_port=80
+standard_https_port=443
+standard_ident_port=113
+standard_ipp_port=631
+standard_irc_port=6667
+standard_jabber_port=5222
+standard_mumble_port=64738
+standard_munin_port=4949
+standard_mysql_port=3306
+standard_ntp_port=123
+standard_pgp_keyserver_port=11371
+standard_print_port=9100
+standard_print_raw_port=515
+standard_remote_console_port=5900
+standard_silc_port=706
+standard_smtp_port=25
+standard_snmp_port=161
+standard_snmp_trap_port=162
+standard_ssh_port=22
+standard_telnet_port=23
+standard_tftp_udp_port=69
+standard_timeserver_port=37
+standard_vpn_port=1194
+standard_whois_port=43
+standard_xymon_port=1984
+
+# - IPsec - Internet Security Association and
+# -  Key Management Protocol
+standard_isakmp_port=500
+standard_ipsec_nat_t=4500
+
+
+# - Comma separated lists
+# -
+standard_http_ports="80,443"
+standard_mailuser_ports="587,465,110,995,143,993"
+
+
+# -------------
+# --- Predefined Ports
+# -------------
+
+# - unpriviligierte Ports
+# -
+unprivports="1024:65535"
+
+
+# -------------
+# --- Some IPv4-Address Configuration
+# -------------
+
+# - Loopback
+loopback_ipv4="127.0.0.0/8"
+
+# - Private Networks
+priv_class_a="10.0.0.0/8"
+priv_class_b="172.16.0.0/12"
+priv_class_c="192.168.0.0/16"
+
+# - Multicast Addresse
+class_d_multicast="224.0.0.0/4"
+
+# Reserved Addresse
+class_e_reserved="240.0.0.0/5"
+
+
+# -------------
+# --- Some IPv6-Address Configuration
+# -------------
+
+# unique local address (ULA) - private address block
+ula_block="fc00::/7"
+
+# - Loopback
+loopback_ipv6="::1/128"
+
--- a/conf/main_ipv4.conf.sample
+++ b/conf/main_ipv4.conf.sample
@ -10,6 +10,9 @@
 # --- Prevent bridged traffic getting pushed through the host's iptables rules
 # -------------

+# - Prevent bridged traffic getting pushed through the
+# - host's iptables rules
+# -
 # - Note: Maybe youe have also to activate forwarding
 # -
 # -    Set: kernel_activate_forwarding=true
@ -189,6 +192,13 @@ allow_local_service=""
 vpn_server_ips=""
 forward_vpn_server_ips=""

+# - VPN Port(s) used by local Services
+# -
+# - blank separated list
+# -
+vpn_ports="$standard_vpn_port"
+
+
 # DHCP Server
 #
 # Comma seperated Interface list for DHCP services
@ -204,11 +214,25 @@ forward_dns_server_ips=""
 ssh_server_ips=""
 forward_ssh_server_ips=""

+# - SSH Port(s) used by local Services
+# -
+# - comma separated list
+# -
+ssh_ports="$standard_ssh_port"
+
+
 # - HTTP(S) Server
 # -
 http_server_ips=""
 forward_http_server_ips=""

+# - HTTP(S) Ports used by local Services
+# -
+# - comma separated list
+# -
+http_ports="$standard_http_ports"
+
+
 # - Mail SMTP Server 
 # -
 smtpd_ips=""
@ -219,6 +243,13 @@ forward_smtpd_ips=""
 mail_server_ips=""
 forward_mail_server_ips=""

+# - Client Ports used by local Mail Services
+# -
+# - comma separated list
+# -
+mail_user_ports="$standard_mailuser_ports"
+
+
 # - Mail Client (smtps/pop(s)/imap(s)
 # -
 mail_client_ips=""
@ -229,11 +260,25 @@ forward_mail_client_ips=""
 ftp_server_ips=""
 forward_ftp_server_ips=""

+# - FTP passive port range use by local ftp service(s)
+# -
+# - example: ftp_passive_port_range="50000:50400"
+# -
+ftp_passive_port_range="50000:50400"
+
+
 # - Mumble Server
 # -
 mumble_server_ips=""
 forward_mumble_server_ips=""

+# - Ports used by local Munmle Services
+# -
+# - comma separated list
+# -
+mumble_ports="$standard_mumble_port"
+
+
 # - TFTP Server
 # -
 # - NOT YET IMPLEMENTED
@ -245,6 +290,13 @@ tftp_server_ips=""
 munin_server_ips=""
 forward_munin_server_ips=""

+# - Port used by clients hosted on this (local) Munin Services
+# -
+# - !! Only one port is possible !!
+# -
+munin_remote_port="$standard_munin_port"
+
+
 # - Remote Munin Server
 # -
 munin_remote_ip="138.201.33.54"
@ -257,6 +309,13 @@ munin_local_port="4949"
 xymon_server_ips=""
 local_xymon_client=false

+# - Port used by local Xymon Services
+# -
+# - !! Only one port is possible !!
+# -
+xymon_port="$standard_xymon_port"
+
+

 # -------------
 # - Protocols Out
--- a/conf/main_ipv6.conf.sample
+++ b/conf/main_ipv6.conf.sample
@ -205,6 +205,13 @@ allow_local_service=""
 vpn_server_ips=""
 forward_vpn_server_ips=""

+# - VPN Port(s) used by local Services
+# -
+# - blank separated list
+# -
+vpn_ports="$standard_vpn_port"
+
+
 # DHCP Server
 #
 # Comma seperated Interface list for DHCP services
@ -220,11 +227,25 @@ forward_dns_server_ips=""
 ssh_server_ips=""
 forward_ssh_server_ips=""

+# - SSH Port(s) used by local Services
+# -
+# - comma separated list
+# -
+ssh_ports="$standard_ssh_port"
+
+
 # - HTTP(S) Server
 # -
 http_server_ips=""
 forward_http_server_ips=""

+# - HTTP(S) Ports used by local Services
+# -
+# - comma separated list
+# -
+http_ports="$standard_http_ports"
+
+
 # - Mail SMTP Server 
 # -
 smtpd_ips=""
@ -235,6 +256,13 @@ forward_smtpd_ips=""
 mail_server_ips=""
 forward_mail_server_ips=""

+# - Client Ports used by local Mail Services
+# -
+# - comma separated list
+# -
+mail_user_ports="$standard_mailuser_ports"
+
+
 # - Mail Client (smtps/pop(s)/imap(s)
 # -
 mail_client_ips=""
@ -245,11 +273,25 @@ forward_mail_client_ips=""
 ftp_server_ips=""
 forward_ftp_server_ips=""

+# - FTP passive port range use by local ftp service(s)
+# -
+# - example: ftp_passive_port_range="50000:50400"
+# -
+ftp_passive_port_range="50000:50400"
+
+
 # - Mumble Server
 # -
 mumble_server_ips=""
 forward_mumble_server_ips=""

+# - Ports used by local Munmle Services
+# -
+# - comma separated list
+# -
+mumble_ports="$standard_mumble_port"
+
+
 # - TFTP Server
 # -
 # - NOT YET IMPLEMENTED
@ -261,6 +303,13 @@ tftp_server_ips=""
 munin_server_ips=""
 forward_munin_server_ips=""

+# - Ports used by clients hosted on this (local) Munin Services
+# -
+# - !! Only one port is possible !!
+# -
+munin_remote_port="$standard_munin_port"
+
+
 # - Remote Munin Server
 # -
 munin_remote_ip="2a01:4f8:171:3493::54"
@ -273,6 +322,13 @@ munin_local_port="4949"
 xymon_server_ips=""
 local_xymon_client=false

+# - Ports used by clients hosted on this (local) Munin Services
+# -
+# - !! Only one port is possible !!
+# -
+munin_remote_port="$standard_munin_port"
+
+

 # -------------
 # - Protocols Out
--- a/conf/ports.conf
+++ b/conf/ports.conf
@ -1,79 +0,0 @@
-#!/usr/bin/env bash
-
-
-# -------------
-# --- Define Ports for Services
-# -------------
-
-# - Web Server Ports
-# -
-http_ports="80,443"
-
-# - FTP Servers Passive Portrange
-# -
-ftp_passive_port_range="50000:50400"
-
-# - Mail Client Ports (Submission/SMTPS/POPS/IMAPS)
-# -
-mail_user_ports="587,465,110,995,143,993"
-
-# - SSH Ports
-# -
-# - comma separated list
-ssh_ports="22"
-
-# - VPN Service
-vpn_ports="1194 1195"
-
-# - Mumble Server
-# -
-mumble_ports="64738"
-
-# - XyMon Service (usually TCP port 1984)
-# -
-# - NOT YET IMPLEMENTED
-# -
-xymon_port=1984
-
-# - Munin Server Port (usually TCP port 4949)
-# -
-munin_remote_port="4949"
-
-
-# -------------
-# --- Predefined Ports
-# -------------
-
-# - unpriviligierte Ports
-# -
-unprivports="1024:65535"
-
-
-# -------------
-# --- Some IPv4-Address Configuration
-# -------------
-
-# - Loopback
-loopback_ipv4="127.0.0.0/8"
-
-# - Private Networks
-priv_class_a="10.0.0.0/8"
-priv_class_b="172.16.0.0/12"
-priv_class_c="192.168.0.0/16"
-
-# - Multicast Addresse
-class_d_multicast="224.0.0.0/4"
-
-# Reserved Addresse
-class_e_reserved="240.0.0.0/5"
-
-
-# -------------
-# --- Some IPv6-Address Configuration
-# -------------
-
-# unique local address (ULA) - private address block
-ula_block="fc00::/7"
-
-# - Loopback
-loopback_ipv6="::1/128"