From 09fb4b7b9651a35e13a95d2da6e21d230bfebb34 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Sat, 11 Jul 2020 16:06:59 +0200
Subject: sentinel-minipot: include additional minipots
---
 sentinel-minipot/files/sentinel-firewall.sh | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
(limited to 'sentinel-minipot/files/sentinel-firewall.sh')
diff --git a/sentinel-minipot/files/sentinel-firewall.sh b/sentinel-minipot/files/sentinel-firewall.sh
index 9c51268..40c584b 100644
--- a/sentinel-minipot/files/sentinel-firewall.sh
+++ b/sentinel-minipot/files/sentinel-firewall.sh
@@ -4,12 +4,16 @@ SF_DIR="${0%/*}"
 . "$SF_DIR/common.sh"
 . /lib/functions.sh
 . /lib/functions/sentinel.sh
+. /usr/libexec/sentinel/minipot-defaults.sh
 allowed_to_run "minipot" 2>/dev/null || return 0
 config_load "sentinel"
-config_get telnet_port "minipot" "telnet_port" "2333"
+config_get ftp_port "minipot" "ftp_port" "$DEFAULT_FTP_PORT"
+config_get http_port "minipot" "http_port" "$DEFAULT_HTTP_PORT"
+config_get smtp_port "minipot" "smtp_port" "$DEFAULT_SMTP_PORT"
+config_get telnet_port "minipot" "telnet_port" "$DEFAULT_TELNET_PORT"
 port_redirect_zone() {
@@ -19,6 +23,12 @@ port_redirect_zone() {
 config_get_bool enabled "$config_section" "sentinel_minipot" "0"
 [ "$enabled" = "1" ] || return 0
+ [ "$ftp_port" = "0" ] || \
+ iptables_redirect "$zone" 21 "$ftp_port" "Minipot FTP"
+ [ "$http_port" = "0" ] || \
+ iptables_redirect "$zone" 80 "$http_port" "Minipot HTTP"
+ [ "$smtp_port" = "0" ] || \
+ iptables_redirect "$zone" 587 "$smtp_port" "Minipot SMTP submission"
 [ "$telnet_port" = "0" ] || \
 iptables_redirect "$zone" 23 "$telnet_port" "Minipot Telnet"
 }
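Review bot: The added `. /usr/libexec/sentinel/minipot-defaults.sh` is sourced unconditionally, ahead of the `allowed_to_run` gate, and all four `config_get` defaults now depend on it. If that file is missing or does not define one of the `DEFAULT_*_PORT` variables, the port defaults to an empty string, which the later `= "0"` tests do not treat as disabled. A literal fallback keeps the script self-contained, e.g. `config_get telnet_port "minipot" "telnet_port" "${DEFAULT_TELNET_PORT:-2333}"` (2333 is the value this commit removes). For the three new services, decide whether the fallback should be a port or `0`; `"${DEFAULT_FTP_PORT:-0}"` would fail closed.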
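Review bot: Each new redirect in `port_redirect_zone` is guarded only by a string comparison with `"0"`, so an empty or non-numeric `ftp_port`, `http_port` or `smtp_port` read from UCI is handed to `iptables_redirect` as-is. Normalising before use, e.g. `case "$http_port" in ''|*[!0-9]*) http_port=0 ;; esac`, keeps a config typo from producing a malformed or unintended rule. A comment above these lines should also state that ports 21, 80 and 587 on an enabled zone are diverted to the minipot. Depending on how `iptables_redirect` orders its rules, which is not visible here, that may capture traffic meant for a real service published on those ports. The function body starts before this hunk.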
@@ -28,6 +38,12 @@ config_foreach port_redirect_zone "zone"
 if source_if_exists "$SF_DIR/dynfw-utils.sh"; then
+ [ "$ftp_port" = "0" ] || \
+ bypass_dynamic_firewall "tcp" "21" "Minipot FTP"
+ [ "$http_port" = "0" ] || \
+ bypass_dynamic_firewall "tcp" "23" "Minipot HTTP"
+ [ "$smtp_port" = "0" ] || \
+ bypass_dynamic_firewall "tcp" "587" "Minipot SMTP submission"
 [ "$telnet_port" = "0" ] || \
 bypass_dynamic_firewall "tcp" "23" "Minipot Telnet"
 fi
-- cgit v1.2.3
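Review bot: The HTTP bypass line passes port "23" instead of "80": `bypass_dynamic_firewall "tcp" "23" "Minipot HTTP"`, although the matching redirect in `port_redirect_zone` uses 80. As written, port 80 never gets a dynamic-firewall bypass, so sources the dynamic firewall already blocks presumably cannot reach the HTTP minipot. A bypass for port 23 is also installed whenever `http_port` is non-zero, even if `telnet_port` is `0`, which would leave port 23 exempt from the dynamic firewall with the Telnet minipot disabled. The line should read `bypass_dynamic_firewall "tcp" "80" "Minipot HTTP"`.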