8,7 → 8,7 |
# - Local MAC addresses filtering (MAC are in '/usr/local/etc/alcasar-iptables-local-mac-filtered'. Format : aa:09:23:2f:4d:ee) |
# - allow ICMP from an Internet IP address (Admin_from) to EXTIF |
# - Deny access to protected networks from internal LAN |
# - allow SMTP from ALCASAR to an Internet server (SMTP_IP) |
# - allow SMTP from ALCASAR to an Internet server |
# - Allow managers to access ACC from the external network |
# - Ports Address Translation (PAT) from Internet (one & multiple) |
# This script inherit of alcasar-iptables.sh variables : $INTIF, $EXTIF, $IPTABLES, etc |
43,10 → 43,10 |
#$IPTABLES -A FORWARD -i $consultationIF -d $protectedNetworks -j DROP |
#$IPTABLES -A FORWARD -o $consultationIF -s $protectedNetworks -j DROP |
|
# On autorise ALCASAR a accéder à un serveur MAIL local (envoie de rapports, alertes, etc.) |
# Allow ALCASAR to conect to a local mail server (send reports, alerts, etc.) |
#SMTP_IP='192.168.111.5' # IP of mail server |
#SMTP_PORT=587 # port of mail server (25 for SMTP ; 587 for STARTTLS ; 465 for SMTPS) |
# On autorise ALCASAR a accéder à un serveur MAIL (envoie de rapports, alertes, inscription d'utilisateurs, etc.) |
# Allow ALCASAR to connect to a mail server (send reports, alerts, users registration, etc.) |
#SMTP_IP='192.168.111.5' |
#SMTP_PORT=25 |
#$IPTABLES -A OUTPUT -p tcp -d $SMTP_IP --dport $SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT |
#$IPTABLES -A INPUT -p tcp -s $SMTP_IP --sport $SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT |
|