forked from ISTI-ansible-roles/ansible-roles
loop on the allowed networks when configuring the rules for a smtp relay.
This commit is contained in:
parent
ff3a77b157
commit
293811ef05
|
@ -243,7 +243,9 @@
|
||||||
#
|
#
|
||||||
# These are only needed on the machines that act as relay servers
|
# These are only needed on the machines that act as relay servers
|
||||||
#
|
#
|
||||||
-A INPUT -p tcp -m multiport --dports 25,587,465 -s {{ network.nmis }} -j ACCEPT
|
{% for cidr in postfix_relay_server_permitted_networks %}
|
||||||
|
-A INPUT -p tcp -m multiport --dports 25,587,465 -s {{ cidr }} -j ACCEPT
|
||||||
|
{% endfor %}
|
||||||
-A INPUT -p tcp -m multiport --dports 25,587,465 -j REJECT --reject-with icmp-host-prohibited
|
-A INPUT -p tcp -m multiport --dports 25,587,465 -j REJECT --reject-with icmp-host-prohibited
|
||||||
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
|
-A OUTPUT -p tcp -m multiport --dports 25,587,465 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
|
||||||
{% if postfix_use_relay_host is defined and postfix_use_relay_host %}
|
{% if postfix_use_relay_host is defined and postfix_use_relay_host %}
|
||||||
|
|
Loading…
Reference in New Issue