Customizing the MailCleaner firewall

MailCleaner Support
Added over 2 years ago

If you change the MailCleaner server's firewall rules with iptables directly, the changes will only be temporary and will be removed on next reboot.

Here is how to add definitively some rules to the MailCleaner firewall

Log on your master node in command line

Connect to the master instance of MySQL

/usr/mailcleaner/bin/mc_mysql -m mc_config

Add the rlues via such sql statements :
This allows the IP 192.168.0.1 to connect via ssh to the server.

insert into external_access (service,port,protocol,allowed_ip) values ('SSH','22','TCP','192.168.0.1/32');

This is an equivalent to

iptables -A INPUT -s 192.168.0.1/32 -p tcp -m tcp --dport 22 -j ACCEPT

(exit from MySQL)
Restart the firewall

/usr/mailcleaner/etc/init.d/firewall restart