From a0001bc5695081b6cb50c526f4b5e99a83fdaf8c Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Sat, 1 Aug 2020 12:37:44 +0200 Subject: some firewall changes --- config/obr/pf.conf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/config/obr/pf.conf b/config/obr/pf.conf index 39246ae..0640334 100644 --- a/config/obr/pf.conf +++ b/config/obr/pf.conf @@ -9,6 +9,9 @@ table # protect against well-known badies table persist file "/etc/badhosts" +# spamd tables +table persist + # interfaces ext_if = vr0 DMZ_if = vr1 @@ -22,6 +25,7 @@ euroserver = 192.168.1.16 eurobuild3 = 192.168.1.12 eurobuild4 = 192.168.1.18 eurobuild5 = 192.168.1.21 +eurobuild6 = 192.168.1.34 euroweb2 = 192.168.1.22 eurodata = 192.168.1.9 euroweb = 192.168.1.15 @@ -95,6 +99,7 @@ pass in on $ext_if proto tcp from any to port 80 # reroute public services to their machines in the LAN pass in on $ext_if proto tcp from any to port 25 rdr-to $euroweb +#pass in on $ext_if proto tcp from any to port 25 divert-to 127.0.0.1 port spamd pass in on $ext_if proto tcp from any to port 443 rdr-to $euroweb pass in on $ext_if proto tcp from any to port 587 rdr-to $euroweb pass in on $ext_if proto tcp from any to port 110 rdr-to $euroweb @@ -114,6 +119,7 @@ pass in on $ext_if proto tcp from any to port 2224 rdr-to $eurobuild4 port 22 pass in on $ext_if proto tcp from any to port 2225 rdr-to $eurobuild5 port 22 pass in on $ext_if proto tcp from any to port 2226 rdr-to $euromac port 22 pass in on $ext_if proto tcp from any to port 2227 rdr-to $euroweb2 port 22 +pass in on $ext_if proto tcp from any to port 2228 rdr-to $eurobuild6 port 22 pass in on $ext_if proto tcp from any to port 5999 rdr-to $euromac port 5900 pass in on $ext_if proto tcp from any to port 5900:5998 rdr-to $eurobuild3 pass in on $ext_if proto tcp from any to port 6881:6889 rdr-to $eurobuild3 -- cgit v1.2.3-54-g00ecf