[ale] IP Chains question
James P. Kinney III
jkinney at localnetsolutions.com
Mon Jun 23 09:24:04 EDT 2003
On Mon, 2003-06-23 at 08:44, Christopher Fowler wrote:
> I've got a friend who has an ipchains firewall and runs sendmail
> on that firewall. I want to force all users to use that server
> as their MTA. Is there any way using ipchains to block
> all SMTP traffic from the internal net to the outside world? They
> are using NAT.
>
ipchains -s <server> -d ! <internal>/<mask> --dport 25 -j ACCEPT
ipchains -s <internal>/<mask> -d ! <server> --dport 25 -j REJECT
I may have mixed ipchains and iptables nomenclature so do a quick man
ipchains. The first line allows the server/NAT box to get out, the
second blocks all inside boxes from accessing anything but the NAT box
for mail.
> Chris
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
--
James P. Kinney III \Changing the mobile computing world/
CEO & Director of Engineering \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
http://www.localnetsolutions.com
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
This is a digitally signed message part
More information about the Ale
mailing list