Enabling smtps port at firewall::vserver::mail

author Silvio Rhatto <rhatto@riseup.net>

Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)

committer Silvio Rhatto <rhatto@riseup.net>

Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)
author Silvio Rhatto <rhatto@riseup.net>
Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)
committer Silvio Rhatto <rhatto@riseup.net>
Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)
diff --git a/manifests/subsystems/firewall/vserver.pp b/manifests/subsystems/firewall/vserver.pp

index c244e091d8ce8a0bc4b49e3e2a6ddab4c0fd72c1..4415952b88890dc02c3f2206d16594a29c787c66 100644 (file)
--- a/manifests/subsystems/firewall/vserver.pp
+++ b/manifests/subsystems/firewall/vserver.pp
@@ -218,6 +218,27 @@ class firewall::vserver::mail($destination, $zone = 'fw') {
      ratelimit       => "$firewall_ssl_ratelimit",
      order           => '1003',
    }
+
+  shorewall::rule { 'mail-5':
+    action          => 'DNAT',
+    source          => 'net',
+    destination     => "$zone:$destination:587",
+    proto           => 'tcp',
+    destinationport => '587',
+    ratelimit       => "$firewall_ssl_ratelimit",
+    order           => '1004',
+  }
+
+  shorewall::rule { 'mail-6':
+    action          => 'DNAT',
+    source          => '$FW',
+    destination     => "$zone:$destination:587",
+    proto           => 'tcp',
+    destinationport => '587',
+    originaldest    => "$ipaddress",
+    ratelimit       => "$firewall_ssl_ratelimit",
+    order           => '1005',
+  }
  }
  
  define firewall::vserver::ssh($destination, $port_orig = '22', $port_dest = '', $zone = 'vm') {
author	Silvio Rhatto <rhatto@riseup.net>
	Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)
committer	Silvio Rhatto <rhatto@riseup.net>
	Fri, 21 Dec 2012 18:51:20 +0000 (16:51 -0200)