-
Fail2ban
+
Netfilter
-
-
-
+
+
+
diff --git a/data/web/edit.php b/data/web/edit.php
index 43e055ca..1611a6af 100644
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -661,7 +661,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
?>
Recipient map: =$result['recipient_map_old'];?>
-
diff --git a/data/web/favicon.png b/data/web/favicon.png
index 6390041d..69eb2fcd 100644
Binary files a/data/web/favicon.png and b/data/web/favicon.png differ
diff --git a/data/web/img/cow_lock.svg b/data/web/img/cow_lock.svg
new file mode 100644
index 00000000..2be88dec
--- /dev/null
+++ b/data/web/img/cow_lock.svg
@@ -0,0 +1,198 @@
+
+
+
+
\ No newline at end of file
diff --git a/data/web/inc/functions.docker.inc.php b/data/web/inc/functions.docker.inc.php
index 5b6afa9f..11747f25 100644
--- a/data/web/inc/functions.docker.inc.php
+++ b/data/web/inc/functions.docker.inc.php
@@ -7,6 +7,7 @@ function docker($service_name, $action, $attr1 = null, $attr2 = null, $extra_hea
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
+ curl_setopt($curl, CURLOPT_TIMEOUT, 4);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
@@ -32,6 +33,7 @@ function docker($service_name, $action, $attr1 = null, $attr2 = null, $extra_hea
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/' . $container_id . '/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
+ curl_setopt($curl, CURLOPT_TIMEOUT, 4);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
@@ -58,6 +60,7 @@ function docker($service_name, $action, $attr1 = null, $attr2 = null, $extra_hea
if (ctype_xdigit($container_id) && ctype_alnum($attr1)) {
curl_setopt($curl, CURLOPT_URL, 'http://dockerapi:8080/containers/' . $container_id . '/' . $attr1);
curl_setopt($curl, CURLOPT_POST, 1);
+ curl_setopt($curl, CURLOPT_TIMEOUT, 4);
if (!empty($attr2)) {
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($attr2));
}
diff --git a/data/web/inc/functions.fail2ban.inc.php b/data/web/inc/functions.fail2ban.inc.php
index b78fb36a..5acbf60f 100644
--- a/data/web/inc/functions.fail2ban.inc.php
+++ b/data/web/inc/functions.fail2ban.inc.php
@@ -4,30 +4,26 @@ function fail2ban($_action, $_data = null) {
global $lang;
switch ($_action) {
case 'get':
- $data = array();
+ $f2b_options = array();
if ($_SESSION['mailcow_cc_role'] != "admin") {
return false;
}
try {
- $data['ban_time'] = $redis->Get('F2B_BAN_TIME');
- $data['max_attempts'] = $redis->Get('F2B_MAX_ATTEMPTS');
- $data['retry_window'] = $redis->Get('F2B_RETRY_WINDOW');
- $data['netban_ipv4'] = $redis->Get('F2B_NETBAN_IPV4');
- $data['netban_ipv6'] = $redis->Get('F2B_NETBAN_IPV6');
+ $f2b_options = json_decode($redis->Get('F2B_OPTIONS'), true);
$wl = $redis->hGetAll('F2B_WHITELIST');
if (is_array($wl)) {
foreach ($wl as $key => $value) {
$tmp_data[] = $key;
}
if (isset($tmp_data)) {
- $data['whitelist'] = implode(PHP_EOL, $tmp_data);
+ $f2b_options['whitelist'] = implode(PHP_EOL, $tmp_data);
}
else {
- $data['whitelist'] = "";
+ $f2b_options['whitelist'] = "";
}
}
else {
- $data['whitelist'] = "";
+ $f2b_options['whitelist'] = "";
}
}
catch (RedisException $e) {
@@ -37,7 +33,7 @@ function fail2ban($_action, $_data = null) {
);
return false;
}
- return $data;
+ return $f2b_options;
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
@@ -63,21 +59,16 @@ function fail2ban($_action, $_data = null) {
return false;
}
$wl = $_data['whitelist'];
- $ban_time = ($ban_time < 60) ? 60 : $ban_time;
-
- $netban_ipv4 = ($netban_ipv4 < 8) ? 8 : $netban_ipv4;
- $netban_ipv6 = ($netban_ipv6 < 8) ? 8 : $netban_ipv6;
- $netban_ipv4 = ($netban_ipv4 > 32) ? 32 : $netban_ipv4;
- $netban_ipv6 = ($netban_ipv6 > 128) ? 128 : $netban_ipv6;
-
- $max_attempts = ($max_attempts < 1) ? 1 : $max_attempts;
- $retry_window = ($retry_window < 1) ? 1 : $retry_window;
+ $f2b_options = array();
+ $f2b_options['ban_time'] = ($ban_time < 60) ? 60 : $ban_time;
+ $f2b_options['netban_ipv4'] = ($netban_ipv4 < 8) ? 8 : $netban_ipv4;
+ $f2b_options['netban_ipv6'] = ($netban_ipv6 < 8) ? 8 : $netban_ipv6;
+ $f2b_options['netban_ipv4'] = ($netban_ipv4 > 32) ? 32 : $netban_ipv4;
+ $f2b_options['netban_ipv6'] = ($netban_ipv6 > 128) ? 128 : $netban_ipv6;
+ $f2b_options['max_attempts'] = ($max_attempts < 1) ? 1 : $max_attempts;
+ $f2b_options['retry_window'] = ($retry_window < 1) ? 1 : $retry_window;
try {
- $redis->Set('F2B_BAN_TIME', $ban_time);
- $redis->Set('F2B_MAX_ATTEMPTS', $max_attempts);
- $redis->Set('F2B_RETRY_WINDOW', $retry_window);
- $redis->Set('F2B_NETBAN_IPV4', $netban_ipv4);
- $redis->Set('F2B_NETBAN_IPV6', $netban_ipv6);
+ $redis->Set('F2B_OPTIONS', json_encode($f2b_options));
$redis->Del('F2B_WHITELIST');
if(!empty($wl)) {
$wl_array = array_map('trim', preg_split( "/( |,|;|\n)/", $wl));
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index f7f08403..54ca415e 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -1134,13 +1134,13 @@ function get_logs($container, $lines = false) {
return $data_array;
}
}
- if ($container == "fail2ban-mailcow") {
+ if ($container == "netfilter-mailcow") {
if (!is_numeric($lines)) {
list ($from, $to) = explode('-', $lines);
- $data = $redis->lRange('F2B_LOG', intval($from), intval($to));
+ $data = $redis->lRange('NETFILTER_LOG', intval($from), intval($to));
}
else {
- $data = $redis->lRange('F2B_LOG', 0, intval($lines));
+ $data = $redis->lRange('NETFILTER_LOG', 0, intval($lines));
}
if ($data) {
foreach ($data as $json_line) {
diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php
index f3577d50..f059ced0 100644
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
try {
global $pdo;
- $db_version = "27012018_1721";
+ $db_version = "30012018_1521";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -21,10 +21,6 @@ function init_db_schema() {
AND active = '1'
AND address NOT LIKE '@%'
GROUP BY goto;",
- "grouped_sender_acl" => "CREATE VIEW grouped_sender_acl (username, send_as_acl) AS
- SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
- WHERE send_as NOT LIKE '@%'
- GROUP BY logged_in_as;",
"grouped_domain_alias_address" => "CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
LEFT OUTER JOIN alias_domain ON target_domain=domain
@@ -193,7 +189,6 @@ function init_db_schema() {
"tls_enforce_out" => "TINYINT(1) NOT NULL DEFAULT '0'",
"kind" => "VARCHAR(100) NOT NULL DEFAULT ''",
"multiple_bookings" => "TINYINT(1) NOT NULL DEFAULT '0'",
- "wants_tagged_subject" => "TINYINT(1) NOT NULL DEFAULT '0'",
"created" => "DATETIME(0) NOT NULL DEFAULT NOW(0)",
"modified" => "DATETIME ON UPDATE CURRENT_TIMESTAMP",
"active" => "TINYINT(1) NOT NULL DEFAULT '1'"
@@ -250,7 +245,8 @@ function init_db_schema() {
"eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
"filters" => "TINYINT(1) NOT NULL DEFAULT '1'",
"quarantaine" => "TINYINT(1) NOT NULL DEFAULT '1'",
- "bcc_maps" => "TINYINT(1) NOT NULL DEFAULT '1'",
+ "bcc_maps" => "TINYINT(1) NOT NULL DEFAULT '0'",
+ "recipient_maps" => "TINYINT(1) NOT NULL DEFAULT '0'",
),
"keys" => array(
"fkey" => array(
diff --git a/data/web/js/debug.js b/data/web/js/debug.js
index 48ebd5e9..4ffcc044 100644
--- a/data/web/js/debug.js
+++ b/data/web/js/debug.js
@@ -31,9 +31,9 @@ jQuery(function($){
e.preventDefault();
draw_acme_logs();
});
- $("#refresh_fail2ban_log").on('click', function(e) {
+ $("#refresh_netfilter_log").on('click', function(e) {
e.preventDefault();
- draw_fail2ban_logs();
+ draw_netfilter_logs();
});
$("#refresh_rspamd_history").on('click', function(e) {
e.preventDefault();
@@ -206,8 +206,8 @@ jQuery(function($){
}
});
}
- function draw_fail2ban_logs() {
- ft_fail2ban_logs = FooTable.init('#fail2ban_log', {
+ function draw_netfilter_logs() {
+ ft_netfilter_logs = FooTable.init('#netfilter_log', {
"columns": [
{"name":"time","formatter":function unix_time_format(tm) { var date = new Date(tm ? tm * 1000 : 0); return date.toLocaleString();},"title":lang.time,"style":{"width":"170px"}},
{"name":"priority","title":lang.priority,"style":{"width":"80px"}},
@@ -215,10 +215,10 @@ jQuery(function($){
],
"rows": $.ajax({
dataType: 'json',
- url: '/api/v1/get/logs/fail2ban',
+ url: '/api/v1/get/logs/netfilter',
jsonp: false,
error: function () {
- console.log('Cannot draw fail2ban log table');
+ console.log('Cannot draw netfilter log table');
},
success: function (data) {
return process_table_data(data, 'general_syslog');
@@ -497,7 +497,7 @@ jQuery(function($){
draw_watchdog_logs();
draw_acme_logs();
draw_api_logs();
- draw_fail2ban_logs();
+ draw_netfilter_logs();
draw_rspamd_history();
-});
\ No newline at end of file
+});
diff --git a/data/web/json_api.php b/data/web/json_api.php
index 8c2c5b44..9d6e9761 100644
--- a/data/web/json_api.php
+++ b/data/web/json_api.php
@@ -880,14 +880,14 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
echo '{}';
}
break;
- case "fail2ban":
+ case "netfilter":
// 0 is first record, so empty is fine
if (isset($extra)) {
$extra = preg_replace('/[^\d\-]/i', '', $extra);
- $logs = get_logs('fail2ban-mailcow', $extra);
+ $logs = get_logs('netfilter-mailcow', $extra);
}
else {
- $logs = get_logs('fail2ban-mailcow');
+ $logs = get_logs('netfilter-mailcow');
}
if (isset($logs) && !empty($logs)) {
echo json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
diff --git a/data/web/lang/lang.de.php b/data/web/lang/lang.de.php
index a874eea1..71587fcf 100644
--- a/data/web/lang/lang.de.php
+++ b/data/web/lang/lang.de.php
@@ -666,3 +666,14 @@ $lang['mailbox']['bcc_to_rcpt'] = "Map empfängerabhängig verwenden";
$lang['mailbox']['add_bcc_entry'] = "BCC-Eintrag hinzufügen";
$lang['mailbox']['bcc_info'] = "Eine empfängerabhängige Map wird verwendet, wenn die BCC-Map Eintragung auf den Eingang einer E-Mail auf das lokale Ziel reagieren soll. Senderabhängige Maps verfahren nach dem gleichen Prinzip.
Das lokale Ziel wird bei Fehlzustellungen an ein BCC-Ziel nicht informiert.";
+$lang['mailbox']['address_rewriting'] = 'Adressumschreibung';
+$lang['mailbox']['recipient_maps'] = 'Empfängerumschreibungen';
+$lang['mailbox']['recipient_map_info'] = 'Empfängerumschreibung ersetzen den Empfänger einer E-Mail vor dem Versand.';
+$lang['mailbox']['recipient_map_old'] = 'Original Empfänger';
+$lang['mailbox']['recipient_map_new'] = 'Neuer Empfänger';
+$lang['mailbox']['add_recipient_map_entry'] = 'Empfängerumschreibung hinzufügen';
+$lang['mailbox']['sender_maps'] = 'Senderumschreibungen';
+$lang['mailbox']['sender_map_info'] = 'Senderumschreibungen werden verwendet, um den Absender einer E-Mail noch vor dem Versand umzuschreiben.';
+$lang['mailbox']['sender_map_old'] = 'Original Absender';
+$lang['mailbox']['sender_map_new'] = 'Neuer Absender';
+$lang['mailbox']['add_sender_map_entry'] = 'Senderumschreibung hinzufügen';
\ No newline at end of file
diff --git a/data/web/lang/lang.en.php b/data/web/lang/lang.en.php
index 41795bc3..50eb64f9 100644
--- a/data/web/lang/lang.en.php
+++ b/data/web/lang/lang.en.php
@@ -666,4 +666,9 @@ $lang['mailbox']['recipient_maps'] = 'Recipient maps';
$lang['mailbox']['recipient_map_info'] = 'Recipient maps are used to replace the destination address on a message before it is delivered.';
$lang['mailbox']['recipient_map_old'] = 'Original recipient';
$lang['mailbox']['recipient_map_new'] = 'New recipient';
-$lang['mailbox']['add_recipient_map_entry'] = 'Add recipient map';
\ No newline at end of file
+$lang['mailbox']['add_recipient_map_entry'] = 'Add recipient map';
+$lang['mailbox']['sender_maps'] = 'Sender maps';
+$lang['mailbox']['sender_map_info'] = 'Sender maps are used to replace the sender address on a message before it is sent.';
+$lang['mailbox']['sender_map_old'] = 'Original sender';
+$lang['mailbox']['sender_map_new'] = 'New sender';
+$lang['mailbox']['add_sender_map_entry'] = 'Add sender map';
\ No newline at end of file