Mail-rules
#######################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME
# PORT PORT(S) DEST LIMIT GROUP
##?SECTION ALL
#?SECTION ESTABLISHED
#?SECTION RELATED
#?SECTION INVALID
#?SECTION UNTRACKED
SECTION NEW
DNS/ACCEPT $FW net
DNS/ACCEPT loc net
NTP/ACCEPT $FW net
##WEBMIN
ACCEPT net $FW tcp 10000
ACCEPT loc $FW tcp 10000
ACCEPT loc $FW tcp 20000
## Accept connections from the Internet to the Server
ACCEPT net $FW tcp 22
ACCEPT net $FW tcp 7575
ACCEPT net $FW tcp 80
ACCEPT net $FW tcp 143
ACCEPT net $FW tcp 443
ACCEPT net $FW tcp 123
ACCEPT net $FW udp 123
ACCEPT net $FW tcp 667
ACCEPT net $FW tcp 465
ACCEPT net $FW tcp 587
ACCEPT net $FW tcp 993
ACCEPT net $FW tcp 995
ACCEPT net $FW tcp 3000 # [nTop]
ACCEPT net $FW tcp 8000 # [Ajenti]
ACCEPT net $FW tcp 9090 # [cockpit]
ACCEPT net $FW tcp 3389 # [Remote DeskTop]
##VNC
ACCEPT net $FW tcp 5800
ACCEPT net $FW tcp 5900
ACCEPT net $FW tcp 5901
##SpamAssassin
ACCEPT net $FW tcp 6277
ACCEPT loc $FW tcp 6277
ACCEPT net $FW tcp 24441
ACCEPT loc $FW tcp 24441
ACCEPT net $FW udp 24441
ACCEPT loc $FW udp 24441
ACCEPT net $FW tcp 2703
ACCEPT loc $FW tcp 2703
# Allow the internet to connect to web server
#ACCEPT net $FW tcp 80
# Allow telnet and ssh, port range 22-23
#ACCEPT net $FW tcp 22:23
# Allow Outgoing SMTP Traffic on Multiple ports
#ACCEPT $FW net tcp 25,26,465,587
# Make ping work
#
ACCEPT fw loc icmp 8
ACCEPT loc fw icmp 8
ACCEPT fw net icmp 8
ACCEPT net fw icmp 8
## POP 3
ACCEPT fw loc tcp 110
ACCEPT loc fw tcp 110
ACCEPT fw net tcp 110
ACCEPT net fw tcp 110
##Allow here any outside SMTP server that the client needs to connect in 25 port
ACCEPT:info loc net:202.22.192.1 tcp 25
ACCEPT:info loc net:202.22.192.3 tcp 25
ACCEPT:info loc net:202.22.192.2 tcp 25
ACCEPT:info net fw tcp 25
ACCEPT:info loc fw tcp 25
ACCEPT:info fw net tcp 25
REJECT:info loc net tcp 25
ACCEPT:info net fw tcp 465
ACCEPT:info net fw tcp 587
ACCEPT:info net fw tcp 993
ACCEPT:info net fw tcp 995
ACCEPT:info net fw tcp 2526
##To redirect 80 port request to 3128 port
#REDIRECT loc 3128 tcp www