smeserver-fetchmail/contribs10/smeserver-fetchmail-1.6-update_iptables_rules.patch

diff -Nur smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail
--- smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail      2015-02-06 10:41:14.000000000 +0100
+++ smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail       2016-01-08 11:54:50.130911307 +0100
@@ -9,19 +9,19 @@
 
         # Block any outgoing connections to POP3 servers
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110\\\n";
        $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110 --jump DROP\n";
 
         # Block any outgoing connections to IMAP4 servers
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143\\\n";
        $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143 --jump DROP\n";
 
     }
     my $routingSMTP = $FetchMails{ "RoutingSMTP" } || "YES" ;
@@ -30,11 +30,11 @@
         # Users on LAN are not allowed to access to SMTP
         # servers on Internet.
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25\\\n";
         $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25 --jump DROP\n";
 
     }
     my $routingNNTP = $FetchMails{ "RoutingNNTP" } || "YES" ;
@@ -43,11 +43,11 @@
         # Users on LAN are not allowed to access to news
         # servers on Internet.
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119\\\n";
         $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119 --jump DROP\n";
 
     }
 }
1	brianr	1.1	diff -Nur smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail
2			--- smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail 2015-02-06 10:41:14.000000000 +0100
3			+++ smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail 2016-01-08 11:54:50.130911307 +0100
4			@@ -9,19 +9,19 @@
5
6			# Block any outgoing connections to POP3 servers
7
8			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
9			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110\\\n";
10			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
11			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110\\\n";
12			$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
13			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
14			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110 --jump DROP\n";
15			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
16			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110 --jump DROP\n";
17
18			# Block any outgoing connections to IMAP4 servers
19
20			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
21			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143\\\n";
22			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
23			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143\\\n";
24			$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
25			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
26			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143 --jump DROP\n";
27			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
28			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143 --jump DROP\n";
29
30			}
31			my $routingSMTP = $FetchMails{ "RoutingSMTP" } \|\| "YES" ;
32			@@ -30,11 +30,11 @@
33			# Users on LAN are not allowed to access to SMTP
34			# servers on Internet.
35
36			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
37			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25\\\n";
38			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
39			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25\\\n";
40			$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
41			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
42			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25 --jump DROP\n";
43			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
44			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25 --jump DROP\n";
45
46			}
47			my $routingNNTP = $FetchMails{ "RoutingNNTP" } \|\| "YES" ;
48			@@ -43,11 +43,11 @@
49			# Users on LAN are not allowed to access to news
50			# servers on Internet.
51
52			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
53			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119\\\n";
54			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
55			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119\\\n";
56			$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
57			- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
58			- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119 --jump DROP\n";
59			+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
60			+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119 --jump DROP\n";
61
62			}
63			}