disable port 111 (for rpcbind under CentOS 7+)

kloxo/httpdocs/driver/mmail/servermail__qmaillib.php

@@ -123,9 +123,11 @@ function save_control_qmail()
 			lxshell_return("/var/qmail/bin/simscanmk", "-g");
 
 			$cpath = "/var/qmail/supervise/clamd";
-
-			lxfile_mv("{$cpath}/down", "{$cpath}/run");
-			lxfile_mv("{$cpath}/log/down", "{$cpath}/log/run");
+
+			if (file_exists($cpath)) {
+				lxfile_mv("{$cpath}/down", "{$cpath}/run");
+				lxfile_mv("{$cpath}/log/down", "{$cpath}/log/run");
+			}
 
 			createRestartFile("restart-mail");
 
@@ -144,9 +146,11 @@ function save_control_qmail()
 				lxshell_return("yum", "remove", "-y", "simscan-toaster");
 
 				$cpath = "/var/qmail/supervise/clamd";
-
-				lxfile_mv("{$cpath}/run", "{$cpath}/down");
-				lxfile_mv("{$cpath}/log/run", "{$cpath}/log/down");
+
+				if (file_exists($cpath)) {
+					lxfile_mv("{$cpath}/run", "{$cpath}/down");
+					lxfile_mv("{$cpath}/log/run", "{$cpath}/log/down");
+				}
 
 				// MR -- clamav for ftp upload file
 				exec("sh /script/pure-ftpd-without-clamav");
@@ -161,6 +165,9 @@ function save_control_qmail()
 			$slbin = "/var/qmail/bin/sendlimiter";
 			lfile_put_contents("/var/qmail/control/sendlimit", $this->main->send_limit);
 			exec("'cp' -f ../file/qmail/var/qmail/bin/sendlimiter {$slbin}; chown root:qmail {$slbin}; chmod 755 {$slbin}; sh {$slbin}");
+		} else {
+			exec("'rm' -f /var/qmail/control/sendlimit");
+			exec("'cp' -f ../file/qmail/var/qmail/bin/sendlimiter {$slbin}; chown root:qmail {$slbin}; chmod 755 {$slbin}; sh {$slbin}");
 		}
 	}
 

kloxo/httpdocs/driver/pserver/ipaddress__redhatlib.php

@@ -6,6 +6,8 @@ function IpaddressEdit($action)
 	{
 		global $gbl, $sgbl, $login;
 
+		if ($this->main->devname === 'NAT') { return; }
+
 		$this->checkForEthBase();
 
 		if ($sgbl->dbg > 1 && $this->main->devname === 'eth0') {
@@ -105,8 +107,6 @@ function dbactionAdd()
 	//	createRestartFile($this->main->__var_dnsdriver);
 		createRestartFile("restart-dns");
 
-		$result = self::getCurrentIps();
-
 		// MR -- not needed because Kloxo-MR use *:port instead existing ip for webconfig
 	//	exec("sh /script/fixweb --target=defaults");
 	}

kloxo/httpdocs/driver/pserver/ipaddresslib.php

@@ -161,6 +161,8 @@ static function getIpList($parent)
 			list($devname, $id) = explode("-", $row);
 
 			$result[] = $devname;
+			// MR -- assume device number are 0-9
+			$result[] = 'NAT' . substr($devname, -1);
 		}
 
 		return array_unique($result);
@@ -607,7 +609,11 @@ static function VerifyString($parent, $param)
 		}
 
 		if (!self::isValidIpaddress($param['netmask'])) {
-			throw new lxException($login->getThrow("invalid_netmask"), '', $param['netmask']);
+			if (strpos($param['devname'], 'NAT') !== false) {
+				// no action
+			} else {
+				throw new lxException($login->getThrow("invalid_netmask"), '', $param['netmask']);
+			}
 		}
 
 		$sq = new Sqlite($parent->__masterserver, "ipaddress");
@@ -651,8 +657,14 @@ static function add($parent, $class, $param)
 		}
 
 		$param['ipaddr'] = trim($param['ipaddr']);
-		$param['gateway'] = trim($param['gateway']);
-		$param['netmask'] = trim($param['netmask']);
+
+		if (strpos($dev, 'NAT') !== false) {
+			$param['gateway'] = trim($param['gateway']);
+			$param['netmask'] = trim($param['netmask']);
+		} else {
+			$param['gateway'] = '';
+			$param['netmask'] = '';
+		}
 
 		self::VerifyString($parent, $param);
 

kloxo/httpdocs/lang/en-us/desclib.php

@@ -1467,4 +1467,4 @@
 
 $__description["enable_php52m_fpm"] = array("Enable PHP52m as FPM (only 'static' PM)");
 
-$__description["send_limit"] = array("Send Limit (per-account per-day)");
+$__description["send_limit"] = array("Send Limit (per-account per-day; blank to reset)");

kloxo/pscript/disable-rpcbind

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+
+if [ "$(command -v systemctl)" != "" ] ; then
+	echo "Disable rpcbind"
+	systemctl stop rpcbind
+	systemctl disable rpcbind
+	systemctl mask rpcbind
+	systemctl stop rpcbind.socket
+	systemctl disable rpcbind.socket
+else
+	echo "Disable rpcbind only for Centos 7+"
+fi
+
+