Архив за месяц: Январь 2014

Имя хоста Centos

1	vi /etc/sysconfig/network

vi /etc/sysconfig/network

1 2	NETWORKING=yes HOSTNAME=hostname

NETWORKING=yes
HOSTNAME=hostname

Webmin Centos 6 install

1 комментарий

Устанавливаем ключ

1	rpm --import http://www.webmin.com/jcameron-key.asc

rpm --import http://www.webmin.com/jcameron-key.asc

Репо файл

1	vi /etc/yum.repos.d/webmin.repo

vi /etc/yum.repos.d/webmin.repo

[Webmin]
name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=1

[Webmin]
name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=1

Установка

1	yum install webmin

yum install webmin

Добавляем в автозагрузку

1	chkconfig webmin on

chkconfig webmin on

Настройки

1	/etc/webmin/miniserv.conf

/etc/webmin/miniserv.conf

Ограничение количества писем в exim

Добавить комментарий

1	vi /etc/exim/exim.conf

vi /etc/exim/exim.conf

acl_not_smtp = acl_not_smtp
 
######
begin acl
######
 
acl_not_smtp:
deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
ratelimit = 50 / 1h / leaky
accept
 
acl_check_rcpt:
deny message = Sender rate SMTP overlimit - $sender_rate / $sender_rate_period
ratelimit = 100 / 1h / leaky
 
accept hosts = net-lsearch;/etc/exim/whitelist

acl_not_smtp = acl_not_smtp

######
begin acl
######

acl_not_smtp:
deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
ratelimit = 50 / 1h / leaky
accept

acl_check_rcpt:
deny message = Sender rate SMTP overlimit - $sender_rate / $sender_rate_period
ratelimit = 100 / 1h / leaky

accept hosts = net-lsearch;/etc/exim/whitelist

50 писем в час для почты отправленной по phpmail и в 100 писем для отправки через SMTP

Firewall Vesta

Добавить комментарий

1	vi /etc/sysconfig/iptables

vi /etc/sysconfig/iptables

# Generated by iptables-save v1.4.7 on Fri Jun 7 14:37:21 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
#ftp
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
#ssh
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
#smtp
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
#pop
-A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
#dns
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
#http
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
#vesta
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8083 -j ACCEPT
#ftp passive ports
-A INPUT -p tcp -m state --state NEW -m tcp --dport 12000:12100 -j ACCEPT
#webmin
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Jun 7 14:37:21 2013

# Generated by iptables-save v1.4.7 on Fri Jun 7 14:37:21 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
#ftp
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
#ssh
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
#smtp
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
#pop
-A INPUT -p tcp -m state --state NEW -m tcp --dport 110 -j ACCEPT
#dns
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
#http
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
#vesta
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8083 -j ACCEPT
#ftp passive ports
-A INPUT -p tcp -m state --state NEW -m tcp --dport 12000:12100 -j ACCEPT
#webmin
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Jun 7 14:37:21 2013

загрузка при старте

1	chkconfig iptables on

chkconfig iptables on

запуск

1	service iptables start

service iptables start

SCBlog

@ блокнот

Архив за месяц: Январь 2014

Имя хоста Centos

Webmin Centos 6 install

Ограничение количества писем в exim

Firewall Vesta