IPCHAINS question

Tony Lambiris tonylambiris at gmail.com
Mon Oct 18 18:42:00 EDT 2004


If you want a simple point-and-click type thing check out firestarter....


On Mon, 18 Oct 2004 18:20:51 -0400, miah <jjohnson at sunrise-linux.com> wrote:
> 1. why ipchains?  Surely you aren't running 2.2, if you're using 2.4,
> start using iptables.
> 
> 2. To add a rule to deny incoming smtp:
> iptables -A INPUT -m tcp -p tcp --dport 25 --syn -j REJECT
> 
> (reject is better than drop, I like to keep the internet working as it
> should)
> 
> 3. To remove that rule:
> iptables -D INPUT -m tcp -p tcp --dport 25 --syn -j REJECT
> 
> Your OUTPUT (eg, outgoing smtp) will still function.
> 
> -miah
> 
> On Mon, Oct 18, 2004 at 04:46:22PM -0400, Jerry Feldman wrote:
> > I have a need to temporarily block port 25 (smtp). I've been reading the
> > howtos, but I don't want to get myself into a situation requiring a
> > reboot.
> > The existing rule is:
> > target     prot  opt      src     dst        ports
> > ACCEPT     tcp  -y----  anywhere anywhere  any->smtp
> >
> >
> > I just want to disable (or deny) it for a few minutes and then reenable
> > it.
> > However, I want to keep the MTA up and running, especially for outgoing.
> > Before I experiment, here is the specification I think should work
> > ipchains -R input -s 0/0 -d 0/0 25 -p tcp -y -j DENY
> >
> > Then to reenable it:
> > ipchains -R input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
> >
> > --- note that I need to do this for moving some mailman lists to another
> > server.
> > I need to keep the MTA up because the list admin is going to do approve or
> > reject a bunch of pending requests.
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
> 


-- 
+ Cannot find nsabackdoor.dll. Please re-install Windows.



More information about the Discuss mailing list