[ale] iptables rules
Christopher Fowler
cfowler at outpostsentinel.com
Wed Aug 4 14:58:13 EDT 2004
Here is one rule set:
/sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d
192.168.1.254/32 --dport 25 -j ALLOW
/sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d
0.0.0.0/0 --dport 25 -j DROP
Should'nt the exception be before the rule?
On Wed, 2004-08-04 at 14:45, Christopher Fowler wrote:
> I have a machine on the network that I need to protect my bandwidth
> from. This is a windows box and it is clear to me that it can not be
> trusted.
>
> My firewall is 192.168.1.254 and I want it to be able to go to port 25
> of that machine but not out the public interface. I also want to block
> all outgoing ports other than 80.
>
> 2 Trojans were found on this machine and I think it has become a spam
> box.
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list