From 6379357ef42d6d42067f3184a92c531405bc9c5a Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Fri, 6 Dec 2013 20:14:30 -0200 Subject: postfix - include ipv4,ipv6,virtual and all listen options and fix shortcut call on view,search,queue and about tab --- config/postfix/postfix.inc | 53 +++++++++++++++++++++++++++------- config/postfix/postfix.xml | 22 ++++++++++++-- config/postfix/postfix_about.php | 4 +-- config/postfix/postfix_queue.php | 2 +- config/postfix/postfix_search.php | 2 +- config/postfix/postfix_view_config.php | 2 +- 6 files changed, 67 insertions(+), 18 deletions(-) (limited to 'config/postfix') diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc index cf7cd786..50979f38 100755 --- a/config/postfix/postfix.inc +++ b/config/postfix/postfix.inc @@ -581,6 +581,34 @@ switch ($antispam['zombie_blocker']) $postfix_main.="soft_bounce = yes\n"; } + //check ips to listen on + $inet_protocols=($postfix_config['inet_protocol'] ? $postfix_config['inet_protocol'] : "ipv4"); + $inet_interfaces =array(); + if (preg_match("/All/",$postfix_config['enabled_interface'])){ + $inet_interfaces[]=""; + } + elseif ($postfix_config['enabled_interface'] == "lo0"){ + $inet_interfaces[]="loopback-only"; + } + else{ + $ifaces = ($postfix_config['enabled_interface'] ? $postfix_config['enabled_interface'] : 'wan'); + foreach (explode(',',$ifaces) as $listenon){ + if (is_ipaddrv6($listenon) && preg_match("/(ipv6|all)/i",$inet_protocols)) + $inet_interfaces[]= "{$listenon}"; + elseif (is_ipaddr($listenon) && preg_match("/(ipv4|all)/i",$inet_protocols)) + $inet_interfaces[]= "{$listenon}"; + else{ + $listenon=(pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon))); + if (is_ipaddr($listenon['ipaddr']) && preg_match("/(ipv4|all)/i",$inet_protocols)) + $inet_interfaces []= "{$listenon['ipaddr']}"; + if(is_ipaddrv6($listenon['ipaddr6']) && preg_match("/(ipv6|all)/i",$inet_protocols)) + $inet_interfaces []= "{$listenon['ipaddr6']}"; + } + } + } + $postfix_main.= "inet_protocols = {$inet_protocols}\n"; + $postfix_main.= "inet_interfaces = ".implode(",",$inet_interfaces)."\n"; + if ($postscreen==1) #Postscreen enabled { if(preg_match("/(\d+),(\d+)(s|m|h|w)/",$antispam['greet_time'],$greet)){ @@ -611,16 +639,17 @@ switch ($antispam['zombie_blocker']) $postfix_main.="postscreen_blacklist_action= ".$antispam['zombie_blocker']."\n"; #postscreen interface loop - $ifaces = ($postfix_config['enabled_interface'] ? $postfix_config['enabled_interface'] : 'wan'); - $real_ifaces = array(); - $postfix_master=""; - foreach (explode(",", $ifaces) as $i => $iface) { - $real_ifaces[] = px_get_real_interface_address($iface); - if($real_ifaces[$i][0]) { - $postfix_master .=$real_ifaces[$i][0].":25 inet n - n - 1 postscreen\n\t-o user=postfix\n"; - $postfix_master .=($antispam['soft_bounce'] == "postscreen"?"\t-o soft_bounce=yes\n":""); - } - } + //$ifaces = ($postfix_config['enabled_interface'] ? $postfix_config['enabled_interface'] : 'wan'); + //$real_ifaces = array(); + //$postfix_master=""; + //foreach (explode(",", $ifaces) as $i => $iface) { + // $real_ifaces[] = px_get_real_interface_address($iface); + // if($real_ifaces[$i][0]) { + // $postfix_master .=$real_ifaces[$i][0].":25 inet n - n - 1 postscreen\n\t-o user=postfix\n"; + $postfix_master = "smtp inet n - n - 1 postscreen\n\t-o user=postfix\n"; + $postfix_master .=($antispam['soft_bounce'] == "postscreen"?"\t-o soft_bounce=yes\n":""); + // } + //} $postfix_master .= $postfix_inets.<< - Listen interface(s) + Listen Protocol + inet_protocol + + This option controls what DNS lookups Postfix will use when it makes network connections.

+ Restart postfix daemon after changing Listen protocol.]]>
+ select + + + + + + + +
+ + Listen on enabled_interface Do not listen on WAN without a good "antispam/close relay" configuration.
- If you need postfix on other ip then Interface address, choose localhost and then create a nat rule from external ip to localhost.]]>
+ If you need postfix on other ip then Interface address, choose localhost and then create a nat rule from external ip to localhost.

+ Restart postfix daemon after changing Listen on addresses/interfaces.]]> interfaces_selection loopback + +
diff --git a/config/postfix/postfix_about.php b/config/postfix/postfix_about.php index 3f3e272a..56645646 100755 --- a/config/postfix/postfix_about.php +++ b/config/postfix/postfix_about.php @@ -2,7 +2,7 @@ /* postfix_about.php part of pfSense (http://www.pfsense.com/) - Copyright (C) 2011 Marcello Coutinho + Copyright (C) 2011-2013 Marcello Coutinho based on varnish_view_config. All rights reserved. @@ -27,7 +27,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +$shortcut_section = "postfix"; require("guiconfig.inc"); $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); diff --git a/config/postfix/postfix_queue.php b/config/postfix/postfix_queue.php index 76bed31f..f60ac83e 100755 --- a/config/postfix/postfix_queue.php +++ b/config/postfix/postfix_queue.php @@ -27,7 +27,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +$shortcut_section = "postfix"; require("guiconfig.inc"); $uname=posix_uname(); diff --git a/config/postfix/postfix_search.php b/config/postfix/postfix_search.php index a1cf6b3f..85648287 100755 --- a/config/postfix/postfix_search.php +++ b/config/postfix/postfix_search.php @@ -27,7 +27,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +$shortcut_section = "postfix"; require("guiconfig.inc"); $uname=posix_uname(); diff --git a/config/postfix/postfix_view_config.php b/config/postfix/postfix_view_config.php index 5e1f6271..59deb11e 100644 --- a/config/postfix/postfix_view_config.php +++ b/config/postfix/postfix_view_config.php @@ -27,7 +27,7 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - +$shortcut_section = "postfix"; require("guiconfig.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version > 2.0) -- cgit v1.2.3