Add Readme file and comments for/in postfwd2 resources.
parent
05dd7bd0ce
commit
fb637796fc
63
DOC/postfwd/README.processing-rule-sets
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
|
||||||
|
# ---
|
||||||
|
#
|
||||||
|
# Processing of the Rule Sets
|
||||||
|
#
|
||||||
|
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||||
|
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||||
|
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||||
|
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# triggers a REJECT if the
|
||||||
|
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Note:
|
||||||
|
# If an element occurs more than once, an element list is formed:
|
||||||
|
#
|
||||||
|
# The following rule set is equivalent to the above:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# triggers a REJECT if (as above) the
|
||||||
|
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
# ---
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# ---
|
||||||
|
#
|
||||||
|
# Verarbeitung des Regelwerks
|
||||||
|
#
|
||||||
|
# Der Parser prüft die Elemente eines Policy Delegation Requests gegen das postfwd
|
||||||
|
# Regelwerk und löst ggf die konfigurierte Aktion (action=) aus. Ähnlich einer
|
||||||
|
# klassischen Firewall gilt eine Reg el als wahr, wenn jedes Element des Regelwerkes
|
||||||
|
# (bzw eines aus jeder Elementliste) beim Vergleich zutrifft. D.h. folgende Regel:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# löst einen REJECT aus, wenn die
|
||||||
|
#
|
||||||
|
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||||
|
#
|
||||||
|
#ist.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# !! Bemerkung !!:
|
||||||
|
#
|
||||||
|
# Bei mehrfachem Vorkommen eines Elementes wird eine Elementliste gebildet:
|
||||||
|
#
|
||||||
|
# Das folgende Regelwerk (Rule Set) ist equivalent zu dem oben genannte:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# löst einen REJECT aus, wenn (wie oben) die
|
||||||
|
#
|
||||||
|
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||||
|
#
|
||||||
|
# ist.
|
||||||
|
#
|
||||||
|
# ---
|
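Review bot: The English explanation lines under both examples are sentence fragments: "# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'" has no verb for the second clause, while the German half closes the same sentence with "ist.". Suggest "the client address is 1.1.1.1 OR 1.1.1.2 AND the client name is 'unknown'" in both places. The example rule also uses "=" for client_address and "==" for client_name without saying how the two operators differ; one line on that would keep readers from copying the rule without understanding the match type. In the German half, "Reg el", "equivalent" and "#ist." look like typos.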
@ -1200,6 +1200,36 @@ if [[ ! -f "/etc/postfix/postfwd.cf" ]]; then
|
|||||||
|
|
||||||
#======= Rule Sets ============
|
#======= Rule Sets ============
|
||||||
|
|
||||||
|
# ---
|
||||||
|
#
|
||||||
|
# Processing of the Rule Sets
|
||||||
|
#
|
||||||
|
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||||
|
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||||
|
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||||
|
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# triggers a REJECT if the
|
||||||
|
#
|
||||||
|
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Note:
|
||||||
|
# If an element occurs more than once, an element list is formed:
|
||||||
|
#
|
||||||
|
# The following rule set is equivalent to the above:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# triggers a REJECT if (as above) the
|
||||||
|
#
|
||||||
|
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
# ---
|
||||||
|
|
||||||
# Whitelists
|
# Whitelists
|
||||||
|
|
||||||
# Whitelist trusted networks
|
# Whitelist trusted networks
|
||||||
|
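Review bot: The 30 comment lines added after "#======= Rule Sets ============" repeat the English half of DOC/postfwd/README.processing-rule-sets, and this copy already differs from it: here there is an extra "#" line between "# triggers a REJECT if the" and the "# Client address ..." line, and two "#" lines after the second example rule where the README has one. A one-line pointer to the README in place of the pasted block would leave a single text to maintain; if the block has to stay inline, make it identical to the README so later corrections can be applied mechanically.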
@ -387,6 +387,36 @@ echononl " Create configuration file '/etc/postfix/postfwd.cf'.."
|
|||||||
|
|
||||||
#======= Rule Sets ============
|
#======= Rule Sets ============
|
||||||
|
|
||||||
|
# ---
|
||||||
|
#
|
||||||
|
# Processing of the Rule Sets
|
||||||
|
#
|
||||||
|
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||||
|
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||||
|
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||||
|
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
# triggers a REJECT if the
|
||||||
|
#
|
||||||
|
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Note:
|
||||||
|
# If an element occurs more than once, an element list is formed:
|
||||||
|
#
|
||||||
|
# The following rule set is equivalent to the above:
|
||||||
|
#
|
||||||
|
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# triggers a REJECT if (as above) the
|
||||||
|
#
|
||||||
|
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||||
|
#
|
||||||
|
# ---
|
||||||
|
|
||||||
# Whitelists
|
# Whitelists
|
||||||
|
|
||||||
# Whitelist trusted networks
|
# Whitelist trusted networks
|
||||||
|
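Review bot: In the added explanation, "every element of the set of rules" describes a single rule, and "The following rule set is equivalent to the above" introduces a single rule line, so "set of rules" / "rule set" is used both for the whole configuration and for one rule. Since the comment sits directly under the "#======= Rule Sets ============" heading, suggest "every element of the rule" and "The following rule is equivalent to the above", so that it is unambiguous that the AND applies across the elements of one rule and the OR within one element list.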