Add Readme file adn comments for/in postfwd2 resources.
This commit is contained in:
63
DOC/postfwd/README.processing-rule-sets
Normal file
63
DOC/postfwd/README.processing-rule-sets
Normal file
@ -0,0 +1,63 @@
|
||||
|
||||
# ---
|
||||
#
|
||||
# Processing of the Rule Sets
|
||||
#
|
||||
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if the
|
||||
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# If an element occurs more than once, an element list is formed:
|
||||
#
|
||||
# The following rule set is equivalent to the above:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if (as above) the
|
||||
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
# ---
|
||||
|
||||
|
||||
|
||||
# ---
|
||||
#
|
||||
# Verarbeitung des Regelwerks
|
||||
#
|
||||
# Der Parser prüft die Elemente eines Policy Delegation Requests gegen das postfwd
|
||||
# Regelwerk und löst ggf die konfigurierte Aktion (action=) aus. Ähnlich einer
|
||||
# klassischen Firewall gilt eine Reg el als wahr, wenn jedes Element des Regelwerkes
|
||||
# (bzw eines aus jeder Elementliste) beim Vergleich zutrifft. D.h. folgende Regel:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# löst einen REJECT aus, wenn die
|
||||
#
|
||||
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||
#
|
||||
#ist.
|
||||
#
|
||||
#
|
||||
# !! Bemerkung !!:
|
||||
#
|
||||
# Bei mehrfachem Vorkommen eines Elementes wird eine Elementliste gebildet:
|
||||
#
|
||||
# Das folgende Regelwerk (Rule Set) ist equivalent zu dem oben genannte:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# löst einen REJECT aus, wenn (wie oben) die
|
||||
#
|
||||
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||
#
|
||||
# ist.
|
||||
#
|
||||
# ---
|
||||
20
DOC/postfwd/README.test.postfwd2
Normal file
20
DOC/postfwd/README.test.postfwd2
Normal file
@ -0,0 +1,20 @@
|
||||
TESTING
|
||||
=======
|
||||
|
||||
First you have to create a ruleset (see Configuration section). Check it with
|
||||
|
||||
postfwd2 −f /etc/postfwd.cf −C
|
||||
|
||||
There is an example policy request distributed with postfwd, called ’request.sample’. Simply change it to meet your requirements and use
|
||||
|
||||
postfwd2 −f /etc/postfwd.cf <request.sample
|
||||
|
||||
You should get an answer like
|
||||
|
||||
action=<whateveryouconfigured>
|
||||
|
||||
For network tests I use netcat:
|
||||
|
||||
nc 127.0.0.1 10045 <request.sample
|
||||
|
||||
to send a request to postfwd. If you receive nothing, make sure that postfwd2 is running and listening on the specified network settings.
|
||||
Reference in New Issue
Block a user