Add support fpr Jitsi Meet Authentication agains dovecot.

2020-04-26 10:16:32 +02:00
parent dcbe4605bc
commit df10be0d45
4 changed files with 54 additions and 7 deletions
--- a/26
+++ b/26
@ -467,13 +467,13 @@ if [[ -f "$conf_ban_ipv6_list" ]] ; then
         for _dev in ${ext_if_arr[@]} ; do
            if $log_blocked_ip || $log_all ; then
               $ip6t -A INPUT -i $_dev -s $_ip -j $LOG_TARGET $tag_log_prefix "$log_prefix Blocked: "
-               if $kernel_activate_forwarding ; then
+               if $kernel_forward_between_interfaces ; then
                  $ip6t -A FORWARD -i $_dev -s $_ip -j $LOG_TARGET $tag_log_prefix "$log_prefix Blocked: "
               fi
            fi

            $ip6t -A INPUT -i $_dev -s $_ip -j DROP
-            if $kernel_activate_forwarding ; then
+            if $kernel_forward_between_interfaces ; then
               $ip6t -A FORWARD -i $_dev -s $_ip -j DROP
            fi
         done
@ -1773,7 +1773,7 @@ fi
 # - Jitsi Video Conferencing Service
 # ---

-echononl "\t\tJitsi Video Conferencing Service Incoming Ports"
+echononl "\t\tJitsi Meet Video Conferencing Service Incoming Ports"


 if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] ; then
@ -1800,7 +1800,7 @@ else
   echo_skipped
 fi

-echononl "\t\tJitsi Video Conferencing Service Outgoing Ports"
+echononl "\t\tJitsi Meet Video Conferencing Service Outgoing Ports"
 if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] ; then
   if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] ; then
      for _ip in ${jitsi_server_ip_arr[@]} ; do
@ -1820,6 +1820,24 @@ else
   echo_skipped
 fi

+echononl "\t\tJitsi Meet Dovecot Authentication"
+if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jitsi_server_ip_arr[@]} -gt 0 ]] ; then
+   if $jitsi_dovecot_auth && [[ -n "$jitsi_dovecot_host" ]] && [[ -n "$jitsi_dovecot_port" ]] ; then
+      if [[ ${#jitsi_server_ip_arr[@]} -gt 0 ]] ; then
+         $ip6t -A OUTPUT -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
+      fi
+
+      if [[ ${#forward_jitsi_server_ip_arr[@]} ]] && $kernel_forward_between_interfaces ; then
+         $ip6t -A FORWARD -p tcp -d $jitsi_dovecot_host --dport $jitsi_dovecot_port -m state --state NEW -j ACCEPT
+      fi
+      echo_done
+   else
+      echo_skipped
+   fi
+else
+   echo_skipped
+fi
+

 # ---
 # - TURN Service (for NC Talk App)