internet:mail:zimbra:zimbra_firewall

Differences

This shows you the differences between two versions of the page.

internet:mail:zimbra:zimbra_firewall [2018/10/30 15:18]
gcooper
internet:mail:zimbra:zimbra_firewall [2023/11/13 08:53] (current)
gcooper
Line 1: Line 1:
 ====== Zimbra Firewall ====== ====== Zimbra Firewall ======
 +
 +FIXME This page could probably use a review and updating.
  
 **Zimbra IP Ports Used**: http://wiki.zimbra.com/wiki/Ports **Zimbra IP Ports Used**: http://wiki.zimbra.com/wiki/Ports
Line 7: Line 9:
 :!: Make sure your Zimbra server is working well before implementing a firewall.  Suspect the firewall if something stops working or isn't working properly. :!: Make sure your Zimbra server is working well before implementing a firewall.  Suspect the firewall if something stops working or isn't working properly.
  
-===== IPTABLES (CentOS) =====+===== IPTABLES =====
  
 http://wiki.zimbra.com/wiki/Firewall_Configuration http://wiki.zimbra.com/wiki/Firewall_Configuration
Line 13: Line 15:
 :!: Clustering requires additional ports. :!: Clustering requires additional ports.
  
-Need modify and verify this:+:!: This example was from an older CentOS installation.
  
 <file> <file>
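Review bot: The replacement for "Need modify and verify this:" drops the only statement that the iptables rules in the following block are unverified. If they have still not been checked against a current Zimbra release, keep that caveat next to the new "older CentOS installation" note so readers do not take the block as tested.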
Line 33: Line 35:
 </file> </file>
  
-===== CSF (CentOS) ===== +===== CSF =====
- +
-FIXME Unfinished+
  
 See also **[[networking:firewall:csf|ConfigServer Security & Firewall (CSF)]]** See also **[[networking:firewall:csf|ConfigServer Security & Firewall (CSF)]]**
Line 41: Line 41:
 http://syslint.com/syslint/how-to-configure-zimbra-csf-the-best-zimbra-firewall-configuration/ http://syslint.com/syslint/how-to-configure-zimbra-csf-the-best-zimbra-firewall-configuration/
  
-:!: Reload or restart CSF and LFD for changes to be activated.+:!: Reload or restart CSF and LFD for changes to be activated (''csf -ra'').
  
 ==== Postfix ==== ==== Postfix ====
  
-**RegEx Tester**: https://www.regextester.com/+**RegEx Tester**: https://www.regex101.com/
  
 **Reference**: https://cloudpro.zone/index.php/2018/03/28/csf-lfd-regular-expressions/ **Reference**: https://cloudpro.zone/index.php/2018/03/28/csf-lfd-regular-expressions/
  
-<note warning>Zimbra uses Postfix and Postfix is not directly supported by CSF, so we have to use a custom regex.+<note warning>Zimbra uses Postfix and Postfix is not directly supported by CSF, so we have to use a custom regex for LFD (log failure daemon) Note that the Postfix log format seems to change infrequently, so your custom regex may only work until the next log format change.</note>
  
-Note that the Postfix log format seems to change frequently, so your custom regex will only work until the next log format change.</note> +Consider these lines clipped from ''/var/log/mail.log'':
- +
-Consider these lines clipped from ''/var/log/maillog'':+
  
 <file> <file>
-Oct 28 09:45:55 zimbra postfix/smtps/smtpd[7093]: warning: unknown[202.163.108.118]: SASL PLAIN authentication failed: authentication failure +Oct  2 08:18:04 zimbra3 postfix/submission/smtpd[3670673]: warning: unknown[93.177.75.130]: SASL LOGIN authentication failed: authentication failure 
-Oct 28 09:45:56 zimbra postfix/smtps/smtpd[7093]: warning: unknown[202.163.108.118]: SASL LOGIN authentication failed: authentication failure +Oct  5 14:27:13 zimbra3 postfix/smtps/smtpd[3656293]: warning: unknown[102.164.206.139]: SASL PLAIN authentication failed: authentication failure
-Oct 26 10:07:34 zimbra postfix/submission/smtpd[1676]: warning: unknown[138.0.255.66]: SASL PLAIN authentication failed: authentication failure +
-Oct 26 10:07:36 zimbra postfix/submission/smtpd[1676]: warning: unknown[138.0.255.66]: SASL LOGIN authentication failed: authentication failure +
-Oct 30 13:57:58 zimbra postfix/smtpd[29129]: warning: unknown[198.167.191.68]: SASL PLAIN authentication failed: authentication failure +
-Oct 30 13:57:58 zimbra postfix/smtpd[29129]: warning: unknown[198.167.191.68]: SASL LOGIN authentication failed: authentication failure+
 </file> </file>
  
-Add a custom RegEx to detect authentication failures:+Add a custom RegEx to detect authentication failures (5 failures, block ports 25 and 587, for 3600 seconds/1 hour):
  
 <file> <file>
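Review bot: In the rewritten <note warning> line, "LFD (log failure daemon) Note that" is missing the full stop between the two sentences, and lfd is the Login Failure Daemon, not "log failure daemon". The sample path also changes from /var/log/maillog to /var/log/mail.log without saying which distribution that applies to; naming the distribution on this line would stop CentOS readers from pointing CUSTOM1_LOG at a file that does not exist.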
Line 73: Line 67:
  
 <file> <file>
-if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /^\S+\s+\d+\s+\S+ \S+ postfix\/[A-Za-z]*?\/smtpd\[\d+\]: warning:.*\[(\d+\.\d+\.\d+\.\d+)\]: SASL [A-Za-z]*? authentication failed.*/)) { +if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /^\S+\s+\d+\s+\S+ .* postfix\/s.*\/smtpd\[\d+\]: warning: .*\[(\d+\.\d+\.\d+\.\d+)\]: SASL (LOGIN|PLAIN|login) authentication failed.*/)) { 
-return ("Failed SASL login from",$2,"mysaslmatch","5","25,587","3600");+return ("Failed SASL login from",$1,"mysaslmatch","5","25,587","3600");
 } }
 </file> </file>
  
-:!: $1 matches ''postfix/smtps/smtpd'', ''postfix/submission/smtpd'' or ''postfix/smtpd''+:!: Group 1 ($1matches the offending IP address.
- +
-:!: $2 is the second set of parenthesis matching the IP address. +
- +
-A variant for an older log format: +
- +
-<file> +
-if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /^\S+\s+\d+\s+\S+ \S+ postfix\/smtpd\[\d+\]: warning:.*\[(\d+\.\d+\.\d+\.\d+)\]: SASL [A-Z]*? authentication failed/)) { +
-return ("Failed SASL login from",$1,"mysaslmatch","3","25","600"); +
-+
-</file> +
- +
-Another older variant (5 failures, block ports 25 and 587, for 3600 seconds): +
- +
-<file> +
-if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /^\S+\s+\d+:\d+:\d+,\d+\s+\w{4}\s+\[.*oip=(\d+\.\d+\.\d+\.\d+);\]\s+security\s.*invalid password.*/)) { +
-return ("Failed SASL login from",$1,"mysaslmatch","5","25,587","3600"); +
-+
-</file>+
  
 Now, edit the CSF configuration to tell it to monitor the proper log file for the new RegEx: Now, edit the CSF configuration to tell it to monitor the proper log file for the new RegEx:
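Review bot: The new pattern "postfix\/s.*\/smtpd" only matches services whose name starts with "s" (smtps, submission), so failures logged as plain "postfix/smtpd[...]" are no longer counted, although the rule still blocks ports "25,587" and the variant that matched "postfix\/smtpd\[" is deleted in this same hunk. If AUTH is reachable on port 25, make the service segment optional with a non-capturing group, for example "postfix\/(?:\S+\/)?smtpd", which keeps the address in $1. The "(LOGIN|PLAIN|login)" group is now $2 and unused, so "(?:LOGIN|PLAIN|login)" would state the intent more clearly. The added note "Group 1 ($1matches" is missing ") " before "matches".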
Line 107: Line 83:
  
 <file> <file>
-CUSTOM1_LOG = "/var/log/maillog"+CUSTOM1_LOG = "/var/log/mail.log"
 </file> </file>
  
 ==== csf.allow ==== ==== csf.allow ====
 +
 +:!: This example is for Ubuntu 20.04 and Zimbra 9.
  
 <file> <file>
Line 131: Line 109:
 # add it to csf.ignore # add it to csf.ignore
  
-192.168.0.0/24 # csf SSH installation/upgrade IP address - Sat Nov  8 14:46:55 2014 +192.168.1.0/24 # LAN network address 
-10.10.1.9      # NFS backup server +10.1.1.9       # NFS backup server 
-10.10.1.40     # Manually allowed +10.1.1.40      # Manually allowed 
-70.162.35.134  # Manually allowed +78.123.35.134  # Manually allowed 
-64.119.33.99   # Manually allowed+49.312.33.99   # Manually allowed
  
-tcp|in|d=25|s=174.37.170.192/27 # GDI Spam Filter Servers +tcp|in|d=25|s=74.37.170.192/27  # Spam Filter Servers 
-tcp|in|d=25|s=174.36.242.64/27 # GDI Spam Filter Servers +tcp|in|d=25|s=74.36.242.64/27   # Spam Filter Servers 
-tcp|in|d=25|s=208.43.201.128/27 # GDI Spam Filter Servers +tcp|in|d=25|s=108.43.201.128/27 # Spam Filter Servers 
-tcp|in|d=25|s=67.225.140.128/26 # GDI Spam Filter Servers +tcp|in|d=25|s=57.225.140.128/26 # Spam Filter Servers 
-tcp|in|d=25|s=50.201.66.0/24 # GDI Spam Filter Servers+tcp|in|d=25|s=40.201.66.0/24    # Spam Filter Servers
  
 udp|out|d=53|| # Outbound DNS query with random source port udp|out|d=53|| # Outbound DNS query with random source port
 +
 +# Zimbra Zextras Docs Server
 +tcp|in|d=389|s=98.167.189.29   # Allow LDAP from Zimbra Zextras Docs
 +tcp|in|d=8443|s=98.167.189.29  # Allow from Zimbra Zextras Docs
 +tcp|out|d=9980|d=98.167.189.29 # Allow to Zimbra Zextras Docs
 +
 +# LDAP Testing
 +tcp|in|d=389|s=192.168.1.46    # Allow LDAP from a workstation
 </file> </file>
  
 ==== csf.pignore ==== ==== csf.pignore ====
 +
 +:!: This example is for Ubuntu 20.04 with Zimbra 9.
  
 These entries will minimize Process Tracking false alerts (entries for multiple Zimbra versions): These entries will minimize Process Tracking false alerts (entries for multiple Zimbra versions):
  
 <file> <file>
 +###############################################################################
 +# Copyright 2006-2014, Way to the Web Limited
 +# URL: http://www.configserver.com
 +# Email: sales@waytotheweb.com
 ############################################################################### ###############################################################################
 # The following is a list of executables (exe) command lines (cmd) and # The following is a list of executables (exe) command lines (cmd) and
Line 197: Line 189:
 exe:/usr/local/libexec/dovecot/imap exe:/usr/local/libexec/dovecot/imap
 exe:/usr/local/libexec/dovecot/imap-login exe:/usr/local/libexec/dovecot/imap-login
 +exe:/usr/lib/postfix/sbin/error
  
 +exe:/usr/lib/apt/methods/http
 exe:/usr/sbin/rpcbind exe:/usr/sbin/rpcbind
 exe:/usr/sbin/rpc.statd exe:/usr/sbin/rpc.statd
Line 216: Line 210:
 exe:/opt/zimbra/common/libexec/cleanup exe:/opt/zimbra/common/libexec/cleanup
 exe:/opt/zimbra/common/libexec/bounce exe:/opt/zimbra/common/libexec/bounce
 +exe:/opt/zimbra/common/libexec/scache
  
 cmd:/usr/bin/vmstat -n -S K 30 cmd:/usr/bin/vmstat -n -S K 30
Line 251: Line 246:
 cmd:/bin/bash /opt/zimbra/bin/zmlocalconfig -m nokey zimbra_server_hostname cmd:/bin/bash /opt/zimbra/bin/zmlocalconfig -m nokey zimbra_server_hostname
 cmd:/bin/bash /opt/zimbra/bin/zmantispamctl status cmd:/bin/bash /opt/zimbra/bin/zmantispamctl status
 +cmd:/bin/bash /opt/zimbra/bin/zmmilterctl status
 +cmd:/usr/bin/redis-server 127.0.0.1:0
  
 +cmd:/usr/sbin/rsyslogd -n -iNONE
 +cmd:(sd-pam)
 +cmd:/usr/sbin/atd -f
 +cmd:/lib/systemd/systemd-timesyncd
 +cmd:/lib/systemd/systemd-networkd
 +cmd:/lib/systemd/systemd --user
 +cmd:/bin/bash /opt/zimbra/bin/zmmtactl status norewrite
 +
 +pcmd:/usr/bin/perl /opt/zimbra/libexec/auditswatch.*
 pcmd:sh -c /opt/zimbra/bin/zmantivirusctl.* pcmd:sh -c /opt/zimbra/bin/zmantivirusctl.*
 pcmd:/bin/bash /opt/zimbra/bin/zmantivirusctl.* pcmd:/bin/bash /opt/zimbra/bin/zmantivirusctl.*
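Review bot: The added "cmd:(sd-pam)" and "cmd:/lib/systemd/systemd --user" entries match on the command line alone, and a process can set its own command line, so anything presenting that string is exempt from Process Tracking. Where the binary path is stable, an exe: entry is the tighter choice; if cmd: has to stay, add a comment saying which alert each entry was added to silence.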
Line 259: Line 265:
 pcmd:/usr/bin/perl /opt/zimbra/libexec/zmdailyreport.* pcmd:/usr/bin/perl /opt/zimbra/libexec/zmdailyreport.*
 pcmd:/bin/bash -c /opt/zimbra/libexec/zmlogprocess.* pcmd:/bin/bash -c /opt/zimbra/libexec/zmlogprocess.*
 +pcmd:/bin/bash /opt/zimbra/bin/zxsuite backup.*
 pcmd:sh -c /opt/zimbra/bin/zmantispamct.* pcmd:sh -c /opt/zimbra/bin/zmantispamct.*
 pcmd:/bin/bash /opt/zimbra/bin/zmantispamct.* pcmd:/bin/bash /opt/zimbra/bin/zmantispamct.*
Line 264: Line 271:
 pcmd:/usr/bin/perl -w /opt/zimbra/libexec/zmstat-.* pcmd:/usr/bin/perl -w /opt/zimbra/libexec/zmstat-.*
 pcmd:/usr/bin/perl -T -w /opt/zimbra/common/bin/sa-lear.* pcmd:/usr/bin/perl -T -w /opt/zimbra/common/bin/sa-lear.*
 +pcmd:/usr/bin/perl -T /opt/zimbra/common/sbin/amavisd -X no_conf_file_writable_check.*
 pcmd:/opt/zimbra/libexec/logswatch --config-file=/opt/zimbra.* pcmd:/opt/zimbra/libexec/logswatch --config-file=/opt/zimbra.*
 pcmd:/bin/sh /opt/zimbra/common/bin/mysqld_safe --defaults-file=/opt.* pcmd:/bin/sh /opt/zimbra/common/bin/mysqld_safe --defaults-file=/opt.*
Line 273: Line 281:
 pcmd:/opt/zimbra/java/bin/java -client -cp /opt/zimbra/lib/jars.* pcmd:/opt/zimbra/java/bin/java -client -cp /opt/zimbra/lib/jars.*
 pcmd:/opt/zimbra/common/lib/jvm/java/bin/java -XX:ErrorFile.* pcmd:/opt/zimbra/common/lib/jvm/java/bin/java -XX:ErrorFile.*
 +pcmd:/opt/zimbra/common/lib/jvm/openjdk-11.0.2-zimbra/bin/java.*
 pcmd:/usr/bin/perl /opt/zimbra/libexec/swatch --config-file=/opt/zimbra/conf/swatchrc.* pcmd:/usr/bin/perl /opt/zimbra/libexec/swatch --config-file=/opt/zimbra/conf/swatchrc.*
 pcmd:/usr/bin/perl /opt/zimbra/data/tmp/.swatch_script.* pcmd:/usr/bin/perl /opt/zimbra/data/tmp/.swatch_script.*
Line 279: Line 288:
 pcmd:/usr/bin/perl /opt/zimbra/data/tmp/.swatchdog_scrip.* pcmd:/usr/bin/perl /opt/zimbra/data/tmp/.swatchdog_scrip.*
 pcmd:/usr/bin/perl /opt/zimbra/common/bin/swatchdog.* pcmd:/usr/bin/perl /opt/zimbra/common/bin/swatchdog.*
 +pcmd:/bin/bash -c find /opt/zimbra.*
 pcmd:/opt/zimbra/common/bin/swatchdog --config-file=/opt/zimbra/conf/logswatchrc.* pcmd:/opt/zimbra/common/bin/swatchdog --config-file=/opt/zimbra/conf/logswatchrc.*
 pcmd:/opt/zimbra/common/bin/rotatelogs /opt/zimbra/log/httpd.* pcmd:/opt/zimbra/common/bin/rotatelogs /opt/zimbra/log/httpd.*
 pcmd:/opt/zimbra/common/bin/freshclam --config-file=/opt/zimbra/conf/freshclam.* pcmd:/opt/zimbra/common/bin/freshclam --config-file=/opt/zimbra/conf/freshclam.*
 +pcmd:/opt/zimbra/common/bin/keytool -export -file /opt/zimbra/mailboxd/etc/mailboxd.*
 pcmd:/opt/zimbra/common/bin/java -client -cp /opt/zimbra/lib/jars/zimbracommon.* pcmd:/opt/zimbra/common/bin/java -client -cp /opt/zimbra/lib/jars/zimbracommon.*
-pcmd:/opt/zimbra/common/bin/java -Dfile.encoding=UTF-8 -server -Djava.awt.headless.*+pcmd:/opt/zimbra/common/bin/java -Dfile.encoding=UTF-8 -server -D.*
 pcmd:/opt/zimbra/common/bin/memcached -d -P /opt/zimbra/log/memcached.pid.* pcmd:/opt/zimbra/common/bin/memcached -d -P /opt/zimbra/log/memcached.pid.*
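Review bot: "pcmd:/bin/bash -c find /opt/zimbra.*" exempts every bash -c find invocation whose first path begins with /opt/zimbra, and the java pattern is widened from "-Djava.awt.headless.*" to "-D.*"; both now cover far more than the specific Zimbra jobs they appear to be written for. Keep as much of the fixed argument prefix as stays stable across runs so the ignore list does not hide unrelated processes.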
  
Line 300: Line 311:
 pexe:/opt/zimbra/postfix-.*/libexec/smtp pexe:/opt/zimbra/postfix-.*/libexec/smtp
 pexe:/opt/zimbra/common/libexec/smtp.* pexe:/opt/zimbra/common/libexec/smtp.*
 +pexe:/opt/zimbra/common/lib/jvm/openjdk-.*
 +pexe:/opt/zimbra/common/libexec/slapd.*
 </file> </file>
  
Line 307: Line 320:
  
 <file> <file>
-diff --unchanged-line-format= --old-line-format= --new-line-format='%L' /root/csf/csf.conf /etc/csf/csf.conf | grep -v \#+diff --unchanged-line-format= --old-line-format= --new-line-format='%L' /usr/local/csf/profiles/reset_to_defaults.conf /etc/csf/csf.conf | grep -v \#
 </file> </file>
 +
 +:!: This example is for Ubuntu 20.04 with Zimbra 9.
  
 <file> <file>
 TESTING = "0" TESTING = "0"
 RESTRICT_SYSLOG = "3" RESTRICT_SYSLOG = "3"
-TCP_IN = "22,25,80,110,143,443,465,587,993,995,5222:5223,7071,8443+TCP_IN = "20,21,25,53,80,110,143,443,465,587,993,995,2222,7071,10000:10010,20000,24441,59000:59999
-TCP_OUT = "22,25,53,80,110,113,143,443,465,587,993,995,7071"+TCP_OUT = "22,25,53,80,110,113,143,443,465,587,993,995,2222,7071,9980"
 UDP_IN = "53,123" UDP_IN = "53,123"
 UDP_OUT = "53,113,123,33434:33523" UDP_OUT = "53,113,123,33434:33523"
 +ICMP_IN_RATE = "0"
 IPV6 = "1" IPV6 = "1"
-TCP6_IN = "22,25,80,110,143,443,465,587,993,995,2222,5222:5223,7071,8443+TCP6_IN = "20,21,25,53,80,110,143,443,465,587,993,995,2222,7071,10000:10010,20000,24441,59000:59999
-TCP6_OUT = "22,25,53,80,110,113,143,443,465,587,993,995,2222,7071"+TCP6_OUT = "22,53,80,110,113,143,443,465,587,993,995,2222,7071"
 UDP6_IN = "53,123" UDP6_IN = "53,123"
 UDP6_OUT = "53,113,123,33434:33523" UDP6_OUT = "53,113,123,33434:33523"
-USE_CONNTRACK = "1" 
 SYSLOG_CHECK = "600" SYSLOG_CHECK = "600"
-DENY_IP_LIMIT = "1000"+DENY_IP_LIMIT = "5000"
 DENY_TEMP_IP_LIMIT = "1000" DENY_TEMP_IP_LIMIT = "1000"
 LF_IPSET = "1" LF_IPSET = "1"
 STYLE_CUSTOM = "1" STYLE_CUSTOM = "1"
 SMTP_ALLOWUSER = "" SMTP_ALLOWUSER = ""
-SYNFLOOD = "1" +CONNLIMIT = "80;60,110;10,143;10,443;60,465;10,587;10,993;10,995;10
-CONNLIMIT = "80;30,110;5,143;5,443;30,465;5,587;5,993;5,995;5+PORTFLOOD = "80;tcp;70;5,110;tcp;20;5,143;tcp;20;5,443;tcp;70;5,465;tcp;20;5,587;tcp;20;5,993;tcp;20;5,995;tcp;20;5
-PORTFLOOD = "80;tcp;20;5,110;tcp;20;5,143;tcp;20;5,443;tcp;20;5,465;tcp;20;5,587;tcp;20;5,993;tcp;20;5,995;tcp;20;5" +UDPFLOOD_ALLOWUSER = "named,zimbra" 
-DROP_NOLOG = "67,68,111,113,135:139,445,500,513,520"+DROP_IP_LOGGING = "1
 +DROP_NOLOG = "67,68,111,113,135:139,445,500,513,520,5678" 
 +DROP_PF_LOGGING = "1"
 CONNLIMIT_LOGGING = "1" CONNLIMIT_LOGGING = "1"
 LF_PERMBLOCK_COUNT = "2" LF_PERMBLOCK_COUNT = "2"
 +LF_PERMBLOCK_ALERT = "0"
 LF_NETBLOCK = "1" LF_NETBLOCK = "1"
 +LF_NETBLOCK_COUNT = "2"
 +LF_NETBLOCK_ALERT = "0"
 SAFECHAINUPDATE = "1" SAFECHAINUPDATE = "1"
 DYNDNS = "600" DYNDNS = "600"
 +MM_LICENSE_KEY = "xxxxxxxxxxxxxxx"
 +CC_SRC = "1"
 +CC_DENY = "RU,BY,CN,AF"
 +CC_DENY_PORTS_TCP = "21,22,110,143,587,993,995,2222"
 +CC_DENY_PORTS_UDP = "5060,5061,10000:20000"
 +CC_INTERVAL = "7"
 LF_SELECT = "1" LF_SELECT = "1"
 LF_EMAIL_ALERT = "0" LF_EMAIL_ALERT = "0"
 LF_SSHD_PERM = "600" LF_SSHD_PERM = "600"
 LF_FTPD_PERM = "600" LF_FTPD_PERM = "600"
-LF_SMTPAUTH = "10" 
 LF_SMTPAUTH_PERM = "600" LF_SMTPAUTH_PERM = "600"
 +LF_POP3D = "5"
 LF_POP3D_PERM = "600" LF_POP3D_PERM = "600"
-LF_IMAPD_PERM = "600"+LF_IMAPD = "5"
 LF_HTACCESS_PERM = "600" LF_HTACCESS_PERM = "600"
 LF_MODSEC_PERM = "600" LF_MODSEC_PERM = "600"
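Review bot: TCP_IN and TCP6_IN now open 20, 21, 53, 10000:10010, 20000, 24441 and 59000:59999 and drop 22 and 8443, with nothing on the page saying which service on a Zimbra host needs each of the new ports. Either trim the list to the ports Zimbra uses (the page links the Zimbra ports reference) or annotate the extras as site-specific. The same hunk removes LF_SMTPAUTH = "10", SYNFLOOD = "1" and USE_CONNTRACK = "1", and replaces LF_IMAPD_PERM with LF_IMAPD; a line stating whether these were deliberate or just now equal to the defaults would help, since the listing is produced by a diff against reset_to_defaults.conf.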
Line 355: Line 381:
 LF_WEBMIN = "10" LF_WEBMIN = "10"
 LF_WEBMIN_PERM = "600" LF_WEBMIN_PERM = "600"
-LF_WEBMIN_EMAIL_ALERT = "0" 
-LF_CONSOLE_EMAIL_ALERT = "0" 
 LF_APACHE_404 = "100" LF_APACHE_404 = "100"
 LF_APACHE_403 = "100" LF_APACHE_403 = "100"
 +LF_APACHE_401_PERM = "3600"
 +LF_MODSECIPDB_ALERT = "0"
 +LF_MODSECIPDB_FILE = "/var/run/modsecurity/data/ip.pag"
 LF_DISTATTACK = "1" LF_DISTATTACK = "1"
 LF_DISTFTP = "5" LF_DISTFTP = "5"
Line 372: Line 399:
 MESSENGER_HTTPS_KEY = "/etc/pki/tls/private/localhost.key" MESSENGER_HTTPS_KEY = "/etc/pki/tls/private/localhost.key"
 MESSENGER_HTTPS_CRT = "/etc/pki/tls/certs/localhost.crt" MESSENGER_HTTPS_CRT = "/etc/pki/tls/certs/localhost.crt"
 +MESSENGER_HTTPS_IN = ""
 +MESSENGER_CHILDREN = "10"
 +MESSENGERV3LOCATION = "/etc/httpd/conf.d/"
 +MESSENGERV3RESTART = "service httpd restart"
 +MESSENGERV3HTTPS_CONF = "/etc/httpd/conf/httpd.conf"
 +MESSENGERV3GROUP = "apache"
 +CLUSTER_SENDTO = "198.167.189.18,198.167.189.19,198.167.189.20,198.167.189.25,198.167.189.26,198.167.189.28,198.167.189.29,198.167.189.30,143.110.234.14"
 +CLUSTER_RECVFROM = "198.167.189.18,198.167.189.19,198.167.189.20,198.167.189.25,198.167.189.26,198.167.189.28,198.167.189.29,198.167.189.30,143.110.234.14"
 +CLUSTER_MASTER = "198.167.189.18"
 +CLUSTER_KEY = "MyLFDClusterKey"
 +CLUSTER_CONFIG = "1"
 ST_SYSTEM = "0" ST_SYSTEM = "0"
 +IPTABLES = "/usr/sbin/iptables"
 +IPTABLES_SAVE = "/usr/sbin/iptables-save"
 +IPTABLES_RESTORE = "/usr/sbin/iptables-restore"
 +IP6TABLES_SAVE = "/usr/sbin/ip6tables-save"
 +IP6TABLES_RESTORE = "/usr/sbin/ip6tables-restore"
 +MODPROBE = "/usr/sbin/modprobe"
 +IFCONFIG = "/usr/sbin/ifconfig"
 SENDMAIL = "/opt/zimbra/common/sbin/sendmail" SENDMAIL = "/opt/zimbra/common/sbin/sendmail"
-HTACCESS_LOG = "/var/log/httpd/error_log" +PS = "/usr/bin/ps" 
-MODSEC_LOG = "/var/log/httpd/error_log"+NETSTAT = "/usr/bin/netstat" 
 +LS = "/usr/bin/ls" 
 +TAR = "/usr/bin/tar" 
 +GUNZIP = "/usr/bin/gunzip" 
 +DD = "/usr/bin/dd" 
 +GREP = "/usr/bin/grep" 
 +IP = "/usr/sbin/ip" 
 +HTACCESS_LOG = "/var/log/apache2/error_log" 
 +MODSEC_LOG = "/var/log/apache2/error_log
 +SSHD_LOG = "/var/log/auth.log" 
 +SU_LOG = "/var/log/syslog" 
 +FTPD_LOG = "/var/log/syslog"
 SMTPAUTH_LOG = "/var/log/secure" SMTPAUTH_LOG = "/var/log/secure"
-CUSTOM1_LOG = "/var/log/maillog"+POP3D_LOG = "/var/log/mail.log" 
 +IMAPD_LOG = "/var/log/mail.log" 
 +IPTABLES_LOG = "/var/log/syslog" 
 +SUHOSIN_LOG = "/var/log/syslog" 
 +BIND_LOG = "/var/log/syslog" 
 +SYSLOG_LOG = "/var/log/syslog" 
 +WEBMIN_LOG = "/var/log/auth.log" 
 +CUSTOM1_LOG = "/var/log/mail.log" 
 +PORTS_pop3d = "25,110,143,465,587,993,995" 
 +PORTS_imapd = "25,110,143,465,587,993,995" 
 +PORTS_sshd = "22,2222"
 GENERIC = "1" GENERIC = "1"
 </file> </file>
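Review bot: CLUSTER_SENDTO, CLUSTER_RECVFROM and CLUSTER_MASTER carry what look like live addresses next to CLUSTER_KEY = "MyLFDClusterKey"; on a published page these should be obvious placeholders, as was done for MM_LICENSE_KEY, with a note that the key must be replaced by a long random secret. The log settings are also mixed: most point at Ubuntu paths (/var/log/auth.log, /var/log/syslog, /var/log/mail.log), but SMTPAUTH_LOG stays at "/var/log/secure" and the MESSENGER* values still use /etc/httpd and /etc/pki, which are CentOS locations.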
  
internet/mail/zimbra/zimbra_firewall.1540934334.txt.gz · Last modified: 2018/10/30 15:18 by gcooper