From cae25a46676f1e93675ed81b49ba5e01b5f7725c Mon Sep 17 00:00:00 2001
From: iFargle
Date: Wed, 6 Dec 2023 22:23:02 +0900
Subject: [PATCH] Test xinetd for mailserver stuff
---
 nixos/hosts/osaka-linode-01/firewall.nix | 102 ++++++++++++++++++-----
 1 file changed, 79 insertions(+), 23 deletions(-)
diff --git a/nixos/hosts/osaka-linode-01/firewall.nix b/nixos/hosts/osaka-linode-01/firewall.nix
index b9f8a468..f3f2c377 100644
--- a/nixos/hosts/osaka-linode-01/firewall.nix
+++ b/nixos/hosts/osaka-linode-01/firewall.nix
@@ -34,29 +34,29 @@
 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 10.100.0.2
 iptables -t nat -A POSTROUTING -p tcp --dport 443 -j MASQUERADE
 
- # PORT 25
- iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 25 -j MASQUERADE
-
- # PORT 465
- iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 465 -j MASQUERADE
-
- # PORT 587
- iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 587 -j MASQUERADE
-
- # PORT 143
- iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 143 -j MASQUERADE
-
- # PORT 993
- iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 993 -j MASQUERADE
-
- # PORT 4190
- iptables -t nat -A PREROUTING -p tcp --dport 4190 -j DNAT --to-destination 10.100.0.2
- iptables -t nat -A POSTROUTING -p tcp --dport 4190 -j MASQUERADE
+ # # PORT 25
+ # iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 25 -j MASQUERADE
+ #
+ # # PORT 465
+ # iptables -t nat -A PREROUTING -p tcp --dport 465 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 465 -j MASQUERADE
+ #
+ # # PORT 587
+ # iptables -t nat -A PREROUTING -p tcp --dport 587 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 587 -j MASQUERADE
+ #
+ # # PORT 143
+ # iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 143 -j MASQUERADE
+ #
+ # # PORT 993
+ # iptables -t nat -A PREROUTING -p tcp --dport 993 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 993 -j MASQUERADE
+ #
+ # # PORT 4190
+ # iptables -t nat -A PREROUTING -p tcp --dport 4190 -j DNAT --to-destination 10.100.0.2
+ # iptables -t nat -A POSTROUTING -p tcp --dport 4190 -j MASQUERADE
 
 # PORT 42420
 iptables -t nat -A PREROUTING -p tcp --dport 42420 -j DNAT --to-destination 10.100.0.2
@@ -95,4 +95,60 @@
 iptables -t nat -A PREROUTING -p udp --dport 3478 -j DNAT --to-destination 10.100.0.2
 iptables -t nat -A POSTROUTING -p udp --dport 3478 -j MASQUERADE
 '';
+
+
+ services.xinetd = {
+ enable = true;
+ services = [
+ {
+ name = "mail 25";
+ port = 25;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 25";
+ }
+ {
+ name = "mail 465";
+ port = 465;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 465";
+ }
+ {
+ name = "mail 587";
+ port = 587;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 587";
+ }
+ {
+ name = "mail 143";
+ port = 143;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 143";
+ }
+ {
+ name = "mail 993";
+ port = 993;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 993";
+ }
+ {
+ name = "mail 4190";
+ port = 4190;
+ protocol = "tcp";
+ unlisted = true;
+ server = "/usr/bin/env"; # Placeholder.
+ extraConfig = "redirect = 10.100.0.2 4190";
+ }
+ ];
+ };
+
 }
\ No newline at end of file
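Review bot: The six mail-port rule pairs are kept as commented-out code rather than deleted, which leaves dead rules sitting between the live 443 and 42420 entries; git already keeps the history, so deleting them would make it clearer which ports this host still NATs. These rules are `-A` appends, and the start of the enclosing rules string is outside the hunk, so it is not visible whether the nat table is flushed when the firewall reloads. If it is not, the previously installed DNAT rules for 25/465/587/143/993/4190 may stay active until a flush or reboot and would intercept the traffic before the new xinetd listeners see it. Checking `iptables -t nat -S PREROUTING` after the switch would confirm the test is actually exercising xinetd.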
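Review bot: None of the six `services.xinetd.services` entries sets an access or connection limit, so unless defaults elsewhere add one, each public mail port is relayed to 10.100.0.2 through xinetd with no cap on concurrent or per-client connections. Adding xinetd's `per_source` and `instances` (optionally `cps`) to each entry bounds that, e.g. `extraConfig = "redirect = 10.100.0.2 25\nper_source = <limit>\ninstances = <limit>";` with the limits chosen for this host. The backend will see every session as coming from this host's address (the removed MASQUERADE rules appear to have had the same effect), so any relay or trust decision on the mail server keyed on the internal source range should be checked. Because the connections now terminate locally instead of being forwarded, the ports also have to be accepted on INPUT, for example through `networking.firewall.allowedTCPPorts`, which this hunk does not show.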