From: Vincent Vanwaelscappel <vincent@cubedesigners.com>
Date: Tue, 2 Apr 2024 09:04:02 +0000 (+0200)
Subject: wip #6841
X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=3f740e346738fd402b8d32f285c1da994dee55ed;p=fluidbook-toolbox.git

wip #6841
---

diff --git a/resources/servers/alphaville/firewall b/resources/servers/alphaville/firewall
index 44ba90fe2..baf79b9d2 100644
--- a/resources/servers/alphaville/firewall
+++ b/resources/servers/alphaville/firewall
@@ -26,23 +26,24 @@ b3=195.70.4.231
 blacklist=($b0 $b1 $b2 $b3)
 
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
 
-auth=($s1 $s2 $s2_0 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+auth=($s1 $s2 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 ufw allow 80
 ufw allow 443
diff --git a/resources/servers/brazil/firewall b/resources/servers/brazil/firewall
index 8a7cb80f7..71d1a9437 100644
--- a/resources/servers/brazil/firewall
+++ b/resources/servers/brazil/firewall
@@ -27,23 +27,24 @@ blacklist=($b0 $b1 $b2 $b3)
 
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
 
-auth=($s0 $s0_0 $s2 $s2_0 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+auth=($s0 $s0_0 $s2 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 
 for ip in "${blacklist[@]}"
diff --git a/resources/servers/cloudatlas/firewall b/resources/servers/cloudatlas/firewall
new file mode 100644
index 000000000..9fc754743
--- /dev/null
+++ b/resources/servers/cloudatlas/firewall
@@ -0,0 +1,86 @@
+#!/bin/bash
+
+export DEBIAN_FRONTEND=noninteractive
+apt install --no-install-recommends -y dnsutils
+# Reset all rules
+ufw --force reset
+# Disable firewall
+ufw disable
+
+ufw default allow outgoing
+
+l0=127.0.0.0/8
+l1=10.0.0.0/8
+l2=172.16.0.0/12
+l3=192.168.0.0/16
+i0=`dig +short paris.cubedesigners.com | tail -1`
+i1=`dig +short montpellier.cubedesigners.com | tail -1`
+i2=`dig +short tortuga.enhydra.fr | tail -1`
+
+local=($l0 $l1 $l2 $l3 $i0 $i1 $i2)
+
+b0=24.104.34.225
+b1=62.99.220.220
+b2=50.62.177.177
+b3=195.70.4.231
+blacklist=($b0 $b1 $b2 $b3)
+
+s0=`dig +short alphaville.cubedesigners.com | tail -1`
+s0_0=`dig +short toolbox.fluidbook.com | tail -1`
+s1=`dig +short brazil.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
+
+
+for ip in "${blacklist[@]}"
+do
+        ufw deny from $ip
+        ufw deny to $ip
+done
+
+for ip in "${local[@]}"
+do
+        ufw allow from $ip
+done
+
+for ip in "${auth[@]}"
+do
+	ufw allow from $ip
+	ufw allow to $ip
+done
+
+#SSH
+ufw deny out 22
+ufw deny out 22022
+ufw deny out 22822
+ufw deny out 22222
+# Finally enable firewall
+ufw --force enable
+
+# Enable loging
+ufw logging on
+
+# Display status
+ufw status verbose
+
+rm -f /etc/ufw/after.rules.*
+rm -f /etc/ufw/after6.rules.*
+rm -f /etc/ufw/before.rules.*
+rm -f /etc/ufw/before6.rules.*
+rm -f /lib/ufw/user6.rules.*
+rm -f /lib/ufw/user.rules.*
diff --git a/resources/servers/dobermann/firewall b/resources/servers/dobermann/firewall
index d292d48bb..4592542fc 100644
--- a/resources/servers/dobermann/firewall
+++ b/resources/servers/dobermann/firewall
@@ -28,22 +28,23 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 c0=`dig +short s1.adangelis.com | tail -1`
 c1=`dig +short www.fondation-sycomore.com | tail -1`
diff --git a/resources/servers/dracula/firewall b/resources/servers/dracula/firewall
index d71543994..d881330b9 100644
--- a/resources/servers/dracula/firewall
+++ b/resources/servers/dracula/firewall
@@ -28,21 +28,22 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
 
-auth=($s0 $s0_0 $s1 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+auth=($s0 $s0_0 $s1 $s2 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 ufw allow 53
 ufw allow 80
diff --git a/resources/servers/elephantman/firewall b/resources/servers/elephantman/firewall
index f90c536b6..53f031c87 100644
--- a/resources/servers/elephantman/firewall
+++ b/resources/servers/elephantman/firewall
@@ -28,22 +28,23 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s3 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s4 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 
 for ip in "${blacklist[@]}"
diff --git a/resources/servers/fastandfurious/firewall b/resources/servers/fastandfurious/firewall
index 6eaabcea1..5aa288361 100644
--- a/resources/servers/fastandfurious/firewall
+++ b/resources/servers/fastandfurious/firewall
@@ -28,22 +28,23 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s7)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s8)
 
 ufw allow 51820
 
diff --git a/resources/servers/godzilla/firewall b/resources/servers/godzilla/firewall
index df310229d..563abb1fb 100644
--- a/resources/servers/godzilla/firewall
+++ b/resources/servers/godzilla/firewall
@@ -28,18 +28,19 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s3 $s4 $s6 $s6_0 $s6_1 $s6_2 $s7 $s8)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s4 $s5 $s7 $s7_0 $s7_1 $s7_2 $s8 $s9)
 
 ufw allow 53
 ufw allow 80
diff --git a/resources/servers/her2/firewall b/resources/servers/her2/firewall
index e9dcfb27e..eaa28b1ba 100644
--- a/resources/servers/her2/firewall
+++ b/resources/servers/her2/firewall
@@ -28,19 +28,20 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s7=`dig +short kingkong.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s7 $s8)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s8=`dig +short kingkong.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s8 $s9)
 
 ufw allow 53
 ufw allow 80
@@ -48,7 +49,7 @@ ufw allow 443
 ufw allow 25
 ufw allow 143
 ufw allow 465
-ufw allow 487
+ufw allow 587
 ufw allow 993
 ufw allow 4190
 
diff --git a/resources/servers/kingkong/firewall b/resources/servers/kingkong/firewall
index 7f1993cf3..669e15863 100644
--- a/resources/servers/kingkong/firewall
+++ b/resources/servers/kingkong/firewall
@@ -28,22 +28,23 @@ blacklist=($b0 $b1 $b2 $b3)
 s0=`dig +short alphaville.cubedesigners.com | tail -1`
 s0_0=`dig +short toolbox.fluidbook.com | tail -1`
 s1=`dig +short brazil.cubedesigners.com | tail -1`
-s2=`dig +short dracula.cubedesigners.com | tail -1`
-s2_0=`dig +short devdock.cubedesigners.com | tail -1`
-s3=`dig +short dobermann.cubedesigners.com | tail -1`
-s4=`dig +short elephantman.cubedesigners.com | tail -1`
-s5=`dig +short godzilla.cubedesigners.com | tail -1`
-s5_0=`dig +short hostingdev.cubedesigners.com | tail -1`
-s5_1=`dig +short hosting.cubedesigners.com | tail -1`
-s5_2=`dig +short hosting2.fluidbook.com | tail -1`
-s5_3=`dig +short hosting.fluidbook.com | tail -1`
-s6=`dig +short her2.cubedesigners.com | tail -1`
-s6_0=`dig +short her.cubedesigners.com | tail -1`
-s6_1=`dig +short mail.cubedesigners.com | tail -1`
-s6_2=`dig +short mail2.cubedesigners.com | tail -1`
-s8=`dig +short fastandfurious.cubedesigners.com | tail -1`
-
-auth=($s0 $s0_0 $s1 $s2 $s2_0 $s3 $s4 $s5 $s5_0 $s5_1 $s5_2 $s5_3 $s6 $s6_0 $s6_1 $s6_2 $s8)
+s2=`dig +short cloudatlas.cubedesigners.com | tail -1`
+s3=`dig +short dracula.cubedesigners.com | tail -1`
+s3_0=`dig +short devdock.cubedesigners.com | tail -1`
+s4=`dig +short dobermann.cubedesigners.com | tail -1`
+s5=`dig +short elephantman.cubedesigners.com | tail -1`
+s6=`dig +short godzilla.cubedesigners.com | tail -1`
+s6_0=`dig +short hostingdev.cubedesigners.com | tail -1`
+s6_1=`dig +short hosting.cubedesigners.com | tail -1`
+s6_2=`dig +short hosting2.fluidbook.com | tail -1`
+s6_3=`dig +short hosting.fluidbook.com | tail -1`
+s7=`dig +short her2.cubedesigners.com | tail -1`
+s7_0=`dig +short her.cubedesigners.com | tail -1`
+s7_1=`dig +short mail.cubedesigners.com | tail -1`
+s7_2=`dig +short mail2.cubedesigners.com | tail -1`
+s9=`dig +short fastandfurious.cubedesigners.com | tail -1`
+
+auth=($s0 $s0_0 $s1 $s2 $s3 $s3_0 $s4 $s5 $s6 $s6_0 $s6_1 $s6_2 $s6_3 $s7 $s7_0 $s7_1 $s7_2 $s9)
 
 ufw allow 80
 ufw allow 443
diff --git a/resources/servers/update.bat b/resources/servers/update.bat
index 206f800e4..dbbd586d2 100644
--- a/resources/servers/update.bat
+++ b/resources/servers/update.bat
@@ -9,6 +9,9 @@ ssh -p 22 root@alphaville.cubedesigners.com 'chmod 755 /usr/local/bin/fw;rm -f /
 scp -P 22 ./brazil/firewall root@brazil.cubedesigners.com:/usr/local/bin/fw
 ssh -p 22 root@brazil.cubedesigners.com 'chmod 755 /usr/local/bin/fw;rm -f /usr/local/bin/firewall;/usr/local/bin/fw'
 
+scp -P 22 ./cloudatlas/firewall root@cloudatlas.cubedesigners.com:/usr/local/bin/fw
+ssh -p 22 root@cloudatlas.cubedesigners.com 'chmod 755 /usr/local/bin/fw;rm -f /usr/local/bin/firewall;/usr/local/bin/fw'
+
 scp -P 22 ./dracula/firewall root@dracula.cubedesigners.com:/usr/local/bin/fw
 ssh -p 22 root@dracula.cubedesigners.com 'chmod 755 /usr/local/bin/fw;rm -f /usr/local/bin/firewall;/usr/local/bin/fw'