From 85b1e4d2c6c2bbe17de089419cd2dc3629af8efb Mon Sep 17 00:00:00 2001
From: Christoph
Date: Mon, 19 Jan 2026 16:51:33 +0100
Subject: [PATCH] deleted file 'post_decalrations.conf'.
---
conf/post_decalrations.conf | 621 ------------------------------------
1 file changed, 621 deletions(-)
delete mode 100644 conf/post_decalrations.conf
diff --git a/conf/post_decalrations.conf b/conf/post_decalrations.conf
deleted file mode 100644
index e6a8137..0000000
--- a/conf/post_decalrations.conf
+++ /dev/null
@@ -1,621 +0,0 @@
-#!/usr/bin/env bash
-
-
-# -----------
-# --- Define Arrays
-# -----------
-
-# ---
-# NAT (Masquerade) Network interfaces
-# ---
-
-declare -a nat_device_arr=()
-for _dev in $nat_devices ; do
- if ! containsElement $_dev "${nat_device_arr[@]}" ; then
- nat_device_arr+=("$_dev")
- fi
-done
-
-
-# ---
-# IP Addresses LX Guest System
-# ---
-
-declare -a lxc_guest_ip_arr=()
-for _ip in $lxc_guest_ips ; do
- lxc_guest_ip_arr+=("$_ip")
-done
-
-
-# ---
-# local Interfaces
-# ---
-
-declare -a local_ip_arr=()
-for _ip in $local_ips ; do
- local_ip_arr+=("$_ip")
-done
-
-
-# ---
-# - IP Addresses to log
-# ---
-declare -a log_ip_arr
-for _ip in $log_ips ; do
- log_ip_arr+=("$_ip")
-done
-
-
-# ---
-# - LOG CGI script Traffic out
-# ---
-declare -a cgi_script_user_arr=()
-for _user in $cgi_script_users ; do
- cgi_script_user_arr+=($_user)
-done
-
-
-# ---
-# - IP-Addresses (Host, Guests (VServer, LX_Container)
-# ---
-declare -a ext_ip_arr
-for _ip in $ext_ips ; do
- host_ip_arr+=("$_ip")
-done
-
-# ---
-# - Extern Interfaces
-# ---
-declare -a ext_if_arr
-for _dev in $ext_ifs ; do
- ext_if_arr+=("$_dev")
-done
-
-# ---
-# - VPN Interfaces
-# ---
-declare -a vpn_if_arr
-for _dev in $vpn_ifs ; do
- vpn_if_arr+=("$_dev")
-done
-
-# ---
-# - WireGuard Interfaces
-# ---
-declare -a wg_if_arr
-for _dev in $wg_ifs ; do
- wg_if_arr+=("$_dev")
-done
-
-# ---
-# - Local Network Interfaces
-# ---
-declare -a local_if_arr
-for _dev in $local_ifs ; do
- local_if_arr+=("$_dev")
-done
-
-# ---
-# - Network Interfaces completly blocked
-# ---
-declare -a blocked_if_arr
-for _dev in $blocked_ifs ; do
- blocked_if_arr+=("$_dev")
-done
-
-# ---
-# - Network Interfaces not firewalled
-# ---
-declare -a unprotected_if_arr
-for _dev in $unprotected_ifs ; do
- unprotected_if_arr+=("$_dev")
-done
-
-# ---
-# - Restrict local Servive to given IP-Address/Network
-# ---
-declare -a restrict_local_service_to_net_arr
-for _val in $restrict_local_service_to_net ; do
- restrict_local_service_to_net_arr+=("$_val")
-done
-
-# ---
-# - Restrict local Network to given IP-Address/Network
-# ---
-declare -a restrict_local_net_to_net_arr
-for _val in $restrict_local_net_to_net ; do
- restrict_local_net_to_net_arr+=("$_val")
-done
-
-# ---
-# - Allow extern Service
-# ---
-declare -a allow_ext_service_arr
-for _val in $allow_ext_service ; do
- allow_ext_service_arr+=("$_val")
-done
-
-# ---
-# - Allow extern IP-Address/Network
-# ---
-declare -a allow_ext_net_arr
-for _net in $allow_ext_net ; do
- allow_ext_net_arr+=("$_net")
-done
-
-# ---
-# - Allow (non-standard) local Services
-# ---
-declare -a allow_local_service_arr
-for _val in $allow_local_service ; do
- allow_local_service_arr+=("$_val")
-done
-
-# ---
-# - Allow (non-standard) local Services from specified network
-# ---
-declare -a allow_local_service_from_network_arr
-for _service in $allow_local_service_from_networks ; do
- allow_local_service_from_network_arr+=("$_service")
-done
-
-# ---
-# - Generally block ports
-# ---
-declare -a block_tcp_port_arr
-for _port in $block_tcp_ports ; do
- block_tcp_port_arr+=("$_port")
-done
-
-declare -a block_udp_port_arr
-for _port in $block_udp_ports ; do
- block_udp_port_arr+=("$_port")
-done
-
-# ---
-# - Private IPs / IP-Ranges allowed to forward
-# ---
-declare -a forward_private_ip_arr
-for _ip in $forward_private_ips ; do
- forward_private_ip_arr+=("$_ip")
-done
-
-# ---
-# - Network Interfaces DHCP Service
-# ---
-declare -a dhcp_server_if_arr
-for _dev in $dhcp_server_ifs ; do
- dhcp_server_if_arr+=($_dev)
-done
-declare -a dhcp_client_if_arr
-for _dev in $dhcp_client_ifs ; do
- dhcp_client_if_arr+=($_dev)
-done
-
-# ---
-# - IP Addresses DNS Server
-# ---
-# - local
-declare -a dns_server_ip_arr
-for _ip in $dns_server_ips ; do
- dns_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_dns_server_ip_arr
-for _ip in $forward_dns_server_ips ; do
- forward_dns_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - Netwoks allowed access to local DNS Resolver
-# ---
-declare -a resolver_allowed_network_arr
-for _net in $resolver_allowed_networks ; do
- resolver_allowed_network_arr+=("$_net")
-done
-
-# ---
-# - IP Addresses VPN Server
-# ---
-# local
-declare -a vpn_server_ip_arr
-for _ip in $vpn_server_ips ; do
- vpn_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_vpn_server_ip_arr
-for _ip in $forward_vpn_server_ips ; do
- forward_vpn_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses WireGuard Service
-# ---
-# local
-declare -a wireguard_server_ip_arr
-for _ip in $wireguard_server_ips ; do
- wireguard_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_wireguard_server_ip_arr
-for _ip in $forward_wireguard_server_ips ; do
- forward_wireguard_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses SSH Server
-# ---
-# local
-declare -a ssh_server_ip_arr
-for _ip in $ssh_server_ips ; do
- ssh_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_ssh_server_ip_arr
-for _ip in $forward_ssh_server_ips ; do
- forward_ssh_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses HTTP Server
-# ---
-# local
-declare -a http_server_ip_arr
-for _ip in $http_server_ips ; do
- http_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_http_server_ip_arr
-for _ip in $forward_http_server_ips ; do
- forward_http_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses MatterMost Service
-# ---
-# local
-declare -a mm_server_ip_arr
-for _ip in $mm_server_ips ; do
- mm_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_mm_server_ip_arr
-for _ip in $forward_mm_server_ips ; do
- forward_mm_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses FTP Server
-# ---
-# local
-declare -a ftp_server_ip_arr
-for _ip in $ftp_server_ips ; do
- ftp_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_ftp_server_ip_arr
-for _ip in $forward_ftp_server_ips ; do
- forward_ftp_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - Mail SMTP Server
-# ---
-# local
-declare -a smtpd_ips_arr
-for _ip in $smtpd_ips ; do
- smtpd_ips_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_smtpd_ip_arr
-for _ip in $forward_smtpd_ips ; do
- forward_smtpd_ip_arr+=("$_ip")
-done
-
-
-# ---
-# Additional SMTP Listen Ports
-# ---
-declare -a smtpd_additional_listen_port_arr
-for _port in $smtpd_additional_listen_ports ; do
- smtpd_additional_listen_port_arr+=("$_port")
-done
-
-
-# ---
-# Additional SMTP Outgoing Ports
-# ---
-declare -a smtpd_additional_outgoung_port_arr
-for _port in $smtpd_additional_outgoung_ports ; do
- smtpd_additional_outgoung_port_arr+=("$_port")
-done
-
-
-
-# ---
-# - IP Addresses XMPP Service (Jabber - Prosody)
-# ---
-declare -a xmpp_server_ip_arr
-for _ip in $xmpp_server_ips ; do
- xmpp_server_ip_arr+=("$_ip")
-done
-
-declare -a forward_xmpp_server_ip_arr
-for _ip in $forward_xmpp_server_ips ; do
- forward_xmpp_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - XMPP Remote Dovecote Out Service
-# ---
-declare -a xmmp_remote_out_service_arr
-for _val in $xmmp_remote_out_services ; do
- xmmp_remote_out_service_arr+=("$_val")
-done
-
-# ---
-# - Mail Services (smtps/pop(s)/imap(s)
-# ---
-# local
-declare -a mail_server_ips_arr
-for _ip in $mail_server_ips ; do
- mail_server_ips_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_mail_server_ip_arr
-for _ip in $forward_mail_server_ips ; do
- forward_mail_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - Mail client (smtps/pop(s)/imap(s)
-# ---
-# local
-declare -a mail_client_ips_arr
-for _ip in $mail_client_ips ; do
- mail_client_ips_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_mail_client_ip_arr
-for _ip in $forward_mail_client_ips ; do
- forward_mail_client_ip_arr+=("$_ip")
-done
-
-# ---
-# - (local) Dovecot auth service
-# ---
-declare -a dovecot_auth_allowed_network_arr
-for _ip in $dovecot_auth_allowed_networks ; do
- dovecot_auth_allowed_network_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Mumble Server
-# ---
-# local
-declare -a mumble_server_ip_arr
-for _ip in $mumble_server_ips ; do
- mumble_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_mumble_server_ip_arr
-for _ip in $forward_mumble_server_ips ; do
- forward_mumble_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Jitsi Video Conferencing Server
-# ---
-declare -a jitsi_server_ip_arr
-for _ip in $jitsi_server_ips ; do
- jitsi_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_jitsi_server_ip_arr
-for _ip in $forward_jitsi_server_ips ; do
- forward_jitsi_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Remote Jibri Server
-# ---
-declare -a jitsi_jibri_remote_ip_arr
-for _ip in $jitsi_jibri_remote_ips ; do
- jitsi_jibri_remote_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Jibri Recording / Streaming Server
-# ---
-declare -a jibri_server_ip_arr
-for _ip in $jibri_server_ips ; do
- jibri_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_jibri_server_ip_arr
-for _ip in $forward_jibri_server_ips ; do
- forward_jibri_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses TURN Server (Stun Server) (for Nextcloud 'talk' app)
-# ---
-# local
-declare -a nc_turn_server_ip_arr
-for _ip in $nc_turn_server_ips ; do
- nc_turn_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_nc_turn_server_ip_arr
-for _ip in $forward_nc_turn_server_ips ; do
- forward_nc_turn_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Telephone Systems
-# ---
-declare -a tel_sys_ip_arr
-for _ip in $tel_sys_ips ; do
- tel_sys_ip_arr+=("$_ip")
-done
-
-# ---
-# - Prometheus Monitoring - local Server
-# ---
-declare -a prometheus_local_server_ip_arr
-for _ip in $prometheus_local_server_ips ; do
- prometheus_local_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - Prometheus Monitoring - local Client
-# ---
-declare -a prometheus_local_client_ip_arr
-for _ip in $prometheus_local_client_ips; do
- prometheus_local_client_ip_arr+=("$_ip")
-done
-declare -a prometheus_remote_server_ip_arr
-for _ip in $prometheus_remote_server_ips ; do
- prometheus_remote_server_ip_arr+=("$_ip")
-done
-
-
-# ---
-# - IP Addresses Munin
-# ---
-# local
-declare -a munin_server_ip_arr
-for _ip in $munin_server_ips ; do
- munin_server_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_munin_server_ip_arr
-for _ip in $forward_munin_server_ips ; do
- forward_munin_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses XyMon
-# ---
-declare -a xymon_server_ip_arr
-for _ip in $xymon_server_ips ; do
- xymon_server_ip_arr+=("$_ip")
-done
-
-# ---
-# - IP Addresses Rsync Out
-# ---
-# local
-declare -a rsync_out_ip_arr
-for _ip in $rsync_out_ips ; do
- rsync_out_ip_arr+=("$_ip")
-done
-# DMZ
-declare -a forward_rsync_out_ip_arr
-for _ip in $forward_rsync_out_ips ; do
- forward_rsync_out_ip_arr+=("$_ip")
-done
-
-# ---
-# - SSH Ports
-# ---
-declare -a ssh_port_arr
-for _port in $ssh_ports ; do
- ssh_port_arr+=("$_port")
-done
-
-# ---
-# - XMPP Service (Jabber - Prosody)
-# ---
-declare -a xmmp_tcp_in_port_arr
-for _port in $xmmp_tcp_in_ports ; do
- xmmp_tcp_in_port_arr+=("$_port")
-done
-
-declare -a xmmp_tcp_out_port_arr
-for _port in $xmmp_tcp_out_ports ; do
- xmmp_tcp_out_port_arr+=("$_port")
-done
-
-# ---
-# - VPN Ports
-# ---
-# local
-declare -a vpn_port_arr
-for _port in $vpn_ports ; do
- vpn_port_arr+=("$_port")
-done
-
-# ---
-# - Wireguard Ports (local Service)
-# ---
-# local
-declare -a wireguard_server_port_arr
-for _port in $wireguard_server_ports ; do
- wireguard_server_port_arr+=("$_port")
-done
-
-# ---
-# - Wireguard out Ports
-# ---
-# local
-declare -a wireguard_out_port_port_arr
-for _port in $wireguard_out_ports ; do
- wireguard_out_port_port_arr+=("$_port")
-done
-
-
-# ---
-# - Rsync Out Ports
-# --
-declare -a rsync_port_arr
-for _port in $rsync_ports ; do
- rsync_port_arr+=("$_port")
-done
-
-
-# ---
-# - Special TCP Ports OUT
-# ---
-# local
-declare -a tcp_out_port_arr
-for _port in $tcp_out_ports ; do
- tcp_out_port_arr+=("$_port")
-done
-# DMZ
-declare -a forward_tcp_out_port_arr
-for _port in $forward_tcp_out_ports ; do
- forward_tcp_out_port_arr+=("$_port")
-done
-
-# ---
-# - Special UDP Ports OUT
-# ---
-# local
-declare -a udp_out_port_arr
-for _port in $udp_out_ports ; do
- udp_out_port_arr+=("$_port")
-done
-# DMZ
-declare -a forward_udp_out_port_arr
-for _port in $forward_udp_out_ports ; do
- forward_udp_out_port_arr+=("$_port")
-done
-
-
-# ---
-# - Portforwrds TCP
-# ---
-declare -a portforward_tcp_arr
-for _str in $portforward_tcp ; do
- portforward_tcp_arr+=("$_str")
-done
-
-# ---
-# - Portforwrds UDP
-# ---
-declare -a portforward_udp_arr
-for _str in $portforward_udp ; do
- portforward_udp_arr+=("$_str")
-done
-