Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
6,476 Commits 2 Branches 0 Tags 46 MiB
1787c53d98
Commit Graph

89 Commits

Author SHA1 Message Date
Habetdin
1787c53d98 [Netfilter] respect ban time limits 2024-02-09 01:57:09 +03:00
Niklas Meyer
1926625297
Merge pull request #5711 from amorfo77/master 
[Netfilter] set IP check more relaxed on NFTables.py
 2024-02-08 12:36:03 +01:00
vicente
eb91d9905b fix typpo in chain order message 2024-02-07 15:48:49 +01:00
vicente
38cc85fa4c set strict=False 2024-02-07 15:36:04 +01:00
FreddleSpl0it
464b6f2e93
[Netfilter] fix redis logs 2024-02-05 09:47:19 +01:00
FreddleSpl0it
57e67ea8f7
[Netfilter] fix mailcow isolation rule for iptables 2024-02-02 17:40:44 +01:00
FreddleSpl0it
c941e802d4
[Netfilter] only perform cleanup at exit if SIGTERM was recieved 2024-02-02 12:57:21 +01:00
FreddleSpl0it
39589bd441
[Netfilter] only perform cleanup at exit if SIGTERM was recieved 2024-02-02 12:46:50 +01:00
FreddleSpl0it
2072301d89
[Netfilter] only perform cleanup at exit if SIGTERM was recieved 2024-02-02 11:08:44 +01:00
FreddleSpl0it
b236fd3ac6
[Netfilter] add mailcow isolation rule to MAILCOW chain 
[Netfilter] add mailcow rule to docker-user chain

[Netfilter] add mailcow isolation rule to MAILCOW chain

[Netfilter] add mailcow isolation rule to MAILCOW chain

[Netfilter] set mailcow isolation rule before redis

[Netfilter] clear bans in redis after connecting

[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft

[Netfilter] stop container after mariadb, redis, dovecot, solr

[Netfilter] simplify mailcow isolation rule for compatibility with iptables-nft

[Netfilter] add exception for mailcow isolation rule for HA setups

[Netfilter] add exception for mailcow isolation rule for HA setups

[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE

[Netfilter] fix wrong var name

[Netfilter] add DISABLE_NETFILTER_ISOLATION_RULE to update and generate_config sh
 2024-02-02 10:10:11 +01:00
DerLinkman
333b7ebc0c
Fix Alpine 3.19 dependencies 2024-01-09 11:17:52 +01:00
Peter
5896766fc3
Update to Alpine 3.19 2024-01-09 11:17:51 +01:00
FreddleSpl0it
3e40bbc603
Merge remote-tracking branch 'origin/staging' into feat/f2b-banlist 2023-12-11 12:27:14 +01:00
FreddleSpl0it
f4b838cad8
[Netfilter] update image & delete old server.py 2023-12-11 11:51:28 +01:00
FreddleSpl0it
86fa8634ee
[Netfilter] do not ignore RETRY_WINDOW 2023-12-11 11:38:48 +01:00
FreddleSpl0it
f39005b72d
[Netfilter] add nftables support 2023-10-30 11:54:14 +01:00
FreddleSpl0it
1537fb39c0
[Web] add manage f2b external option 2023-07-11 10:19:32 +02:00
FreddleSpl0it
65cbc478b8
[Web] add manage f2b external option 2023-07-11 10:13:00 +02:00
FreddleSpl0it
e2e8fbe313
[Web] add f2b_banlist endpoint 2023-07-10 13:54:23 +02:00
DerLinkman
70aab7568e Changed maintainers to tinc (Dockerfiles) 2023-05-30 16:20:35 +02:00
Patrick Schult
fd0205aafd
Merge pull request #5127 from th-joerger/feature/bantime-increment 
[Netfilter] Implemented exponentially incrementing bantime
 2023-03-30 07:53:33 +02:00
Thorbjörn Jörger
096e2a41e9
Push verified options to redis after each check 2023-03-29 17:09:25 +02:00
Thorbjörn Jörger
e010f08143
verify options after loading them, set defaults if options are missing or invalid 2023-03-29 15:24:14 +02:00
Patrick Schult
3d2483ca37
Merge pull request #5093 from brunoleon/fix_snat 
Fix SNAT never being added because of exception
 2023-03-29 08:13:11 +02:00
Thorbjörn Jörger
5bc3d93545
log exception of redis pubsub subscription 2023-03-21 11:14:52 +01:00
Thorbjörn Jörger
1233613bea
implemented handling of max_bantime and ban_time_increment flag 2023-03-21 11:06:13 +01:00
Thorbjörn Jörger
0206e0886c
implemented exponentially incrementing bantime, removed active_window code that did nothing, cleanly initialized dictionary 2023-03-21 11:06:13 +01:00
Bruno Léon
f77c65411d Fix SNAT never being added because of exception 
Some firewall rule object (iptc) do not have a parameter
attribute, which results in an exception being triggered,
and the mailcow SNAT rule to never be created.

Firewall rules that trigger such exception are:
- -A POSTROUTING -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN

This commit just verify attribute presence, and skip the rule
properly instead of triggering an exception.
 2023-02-27 12:04:32 +01:00
FreddleSpl0it
04403aaf70
[Netfilter] fix setting SNAT Rule if chain is empty 2023-02-17 13:15:44 +01:00
Niklas Meyer
50e9a3ec8a
Merge pull request #4835 from VermiumSifell/master 
✏️ Fixed invalid regexs for banning.
 2022-12-23 16:10:32 +01:00
DerLinkman
77f04d10c7 Update Base Images to Alpine 3.17 2022-12-01 23:02:03 +01:00
Vermium Sifell
a9871d05b2 ✏️ Fixed invalid regexs for banning 2022-11-02 23:42:37 +01:00
Martin Wilhelmi
f34d3620b1
Remove trailing whitespaces 2022-08-22 22:16:01 +02:00
Martin Wilhelmi
70e99447f9
Fix adding same SNAT rule endless to the ipv4 POSTROUTING chain 2022-08-22 22:15:56 +02:00
Peter
d13be25f45
Update base image to alpine 3.16 2022-06-05 18:38:16 +02:00
Dmitriy Alekseev
6c5ab7800e
[Netfilter] Exclude banning IPs when dovecot server not reacheble 2022-04-13 13:01:58 +03:00
Niklas Meyer
fac8d9d28a
[Netfilter] Update to Alpine 3.15 + GeoIP Fix 
Added xtables-addon to netfilter container to handle iptables rules with geoip
**Commited by: @marcvorwerk**
 2022-01-21 09:22:25 +01:00
Niklas Meyer
9c7faa9fe8
[Netfilter] Update to Alpine 3.15 2022-01-20 10:11:39 +01:00
Marc Vorwerk
f16d36eb74 Added xtables-addon to netfilter container to handle iptables rules with geoip 2022-01-18 16:27:40 +01:00
Alex Beakes
a0b0d36e22
Fix pip3 uninstall error 2022-01-02 03:51:09 +03:00
Dmitriy Alekseev
819f2876e6
[Netfilter] Add non-SMTP command rule (#4289) 2021-10-08 12:38:29 +03:00
andryyy
19dda55d96
[Alpine] Upgrade to 3.14 2021-08-30 21:01:09 +02:00
andryyy
08e9ab18a8
[Netfilter] Implement protocol error regex, fulfills #4093 2021-05-10 08:44:34 +02:00
andryyy
edf1a4fb1f
[Netfilter] Exit on log line error in pubsub 2021-04-25 09:23:02 +02:00
monsterry
dfe43f56bf
[netfilter] Use exit code 2 if an error occurs (#4040) 2021-04-25 09:13:26 +02:00
andryyy
8eb757bea3
[Netfilter] Further improvements to catch invalid input 2021-03-23 20:53:04 +01:00
andryyy
8bf9ee8308
[Netfilter] Restart on invalid data via pubsub 2021-03-22 21:19:24 +01:00
andryyy
27b18373cc
[Alpine] Update Alpine base images to v3.13 2021-02-18 08:48:12 +01:00
andryyy
0884f42379
[Netfilter] Skip invalid regex 2020-08-27 21:13:30 +02:00
andryyy
d4dd1024c9
[Netfilter] Replace query by resolve (deprecated) 2020-08-27 20:50:22 +02:00