Add Readme file adn comments for/in postfwd2 resources.
This commit is contained in:
63
DOC/postfwd/README.processing-rule-sets
Normal file
63
DOC/postfwd/README.processing-rule-sets
Normal file
@@ -0,0 +1,63 @@
|
||||
|
||||
# ---
|
||||
#
|
||||
# Processing of the Rule Sets
|
||||
#
|
||||
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if the
|
||||
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# If an element occurs more than once, an element list is formed:
|
||||
#
|
||||
# The following rule set is equivalent to the above:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if (as above) the
|
||||
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
# ---
|
||||
|
||||
|
||||
|
||||
# ---
|
||||
#
|
||||
# Verarbeitung des Regelwerks
|
||||
#
|
||||
# Der Parser prüft die Elemente eines Policy Delegation Requests gegen das postfwd
|
||||
# Regelwerk und löst ggf die konfigurierte Aktion (action=) aus. Ähnlich einer
|
||||
# klassischen Firewall gilt eine Reg el als wahr, wenn jedes Element des Regelwerkes
|
||||
# (bzw eines aus jeder Elementliste) beim Vergleich zutrifft. D.h. folgende Regel:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# löst einen REJECT aus, wenn die
|
||||
#
|
||||
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||
#
|
||||
#ist.
|
||||
#
|
||||
#
|
||||
# !! Bemerkung !!:
|
||||
#
|
||||
# Bei mehrfachem Vorkommen eines Elementes wird eine Elementliste gebildet:
|
||||
#
|
||||
# Das folgende Regelwerk (Rule Set) ist equivalent zu dem oben genannte:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# löst einen REJECT aus, wenn (wie oben) die
|
||||
#
|
||||
# Client Adresse (1.1.1.1 ODER 1.1.1.2) UND der Client Name 'unknown'
|
||||
#
|
||||
# ist.
|
||||
#
|
||||
# ---
|
||||
@@ -1200,6 +1200,36 @@ if [[ ! -f "/etc/postfix/postfwd.cf" ]]; then
|
||||
|
||||
#======= Rule Sets ============
|
||||
|
||||
# ---
|
||||
#
|
||||
# Processing of the Rule Sets
|
||||
#
|
||||
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if the
|
||||
#
|
||||
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# If an element occurs more than once, an element list is formed:
|
||||
#
|
||||
# The following rule set is equivalent to the above:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
#
|
||||
# triggers a REJECT if (as above) the
|
||||
#
|
||||
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
# ---
|
||||
|
||||
# Whitelists
|
||||
|
||||
# Whitelist trusted networks
|
||||
|
||||
@@ -387,6 +387,36 @@ echononl " Create configuration file '/etc/postfix/postfwd.cf'.."
|
||||
|
||||
#======= Rule Sets ============
|
||||
|
||||
# ---
|
||||
#
|
||||
# Processing of the Rule Sets
|
||||
#
|
||||
# The parser checks the elements of a policy delegation request against the postfwd set
|
||||
# of rules and, if necessary, triggers the configured action (action=). Similar to a
|
||||
# classic firewall, a rule is considered true if every element of the set of rules (or
|
||||
# one from every element list) applies to the comparison. I.e. the following rule:
|
||||
#
|
||||
# client_address=1.1.1.1, 1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
# triggers a REJECT if the
|
||||
#
|
||||
# Client address is equal (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# If an element occurs more than once, an element list is formed:
|
||||
#
|
||||
# The following rule set is equivalent to the above:
|
||||
#
|
||||
# client_address=1.1.1.1; client_address=1.1.1.2; client_name==unknown; action=REJECT
|
||||
#
|
||||
#
|
||||
# triggers a REJECT if (as above) the
|
||||
#
|
||||
# Client address (1.1.1.1 OR 1.1.1.2) AND the client name 'unknown'
|
||||
#
|
||||
# ---
|
||||
|
||||
# Whitelists
|
||||
|
||||
# Whitelist trusted networks
|
||||
|
||||
Reference in New Issue
Block a user