ISTI-ansible-roles
/
ansible-role-linux-firewall
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Try to cleanup the conditionals that manage the postfix related rules.

This commit is contained in:
Andrea Dell'Amico 2020-10-18 19:48:37 +02:00
parent 3611262c89
commit 94563d73bd
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
templates/iptables-rules.v4.j2
View File

@ -217,8 +217,7 @@
-A INPUT -m state --state NEW -s {{orientdb_hazelcast_multicast_group}} -p tcp -m tcp --dport {{ orientdb_hazelcast_multicast_port }} -j ACCEPT
{% endif %}
# Postfix
{% if postfix_relay_server is defined %}
{% if postfix_relay_server %}
{% if postfix_relay_server is defined and postfix_relay_server%}
#
# These are only needed on the machines that act as relay servers
#
@ -235,10 +234,7 @@
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -m state --state NEW -j LOG --log-prefix "LOCAL_DROPPED_SPAM " --log-uid
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -j DROP
{% endif %}
{% endif %}
{% if postfix_relay_server is defined and not postfix_relay_server %}
{% if postfix_relay_client is defined%}
{% if postfix_relay_client %}
{% if postfix_relay_client is defined and postfix_relay_client%}
#
# When we are not a relay server but we want send email using our relay
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
@ -252,8 +248,6 @@
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -m state --state NEW -j LOG --log-prefix "LOCAL_DROPPED_SPAM " --log-uid
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -j DROP
{% endif %}
{% endif %}
{% endif %}
{% if iptables is defined %}
{% if iptables.tcp_rules is defined and iptables.tcp_rules %}
# TCP rules