From b2c25c0f32ac392f66bc57498cf158ca49a1cf2e Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Thu, 12 Dec 2019 20:59:33 +0100
Subject: [PATCH] iptables rules: add a new conditional.

---
 library/roles/iptables/templates/iptables-rules.v4.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/roles/iptables/templates/iptables-rules.v4.j2 b/library/roles/iptables/templates/iptables-rules.v4.j2
index 60e300a5..875a87d0 100644
--- a/library/roles/iptables/templates/iptables-rules.v4.j2
+++ b/library/roles/iptables/templates/iptables-rules.v4.j2
@@ -225,6 +225,7 @@
 {% if postfix_relay_client is defined%}
 {% if postfix_relay_client %}
 #
+{% if not postfix_relay_client_do_not_stop_submission %}
 # When we are not a relay server but we want send email using our relay
 -A OUTPUT -p tcp -m multiport --dports 25,587,465 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
 -A OUTPUT -p tcp -m multiport --dports 25,587,465 -m owner --gid-owner postfix -d {{ postfix_relay_host }} -j ACCEPT
@@ -233,6 +234,7 @@
 {% endif %}
 {% endif %}
 {% endif %}
+{% endif %}
 {% if iptables is defined %}
 {% if iptables.tcp_rules is defined and iptables.tcp_rules %}
 # TCP rules