Re: Ipchains and smtp rule
From: Steffen Dettmer (steffen@dett.de)Date: 11/20/01
- Previous message: Scott Gifford: "Re: Disappearing entries in wtmp"
- In reply to: Mogens Valentin: "Ipchains and smtp rule"
- Next in thread: Mogens Valentin: "Re: Ipchains and smtp rule"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 20 Nov 2001 09:12:43 +0100 From: Steffen Dettmer <steffen@dett.de> To: focus-linux <focus-linux@securityfocus.com> Subject: Re: Ipchains and smtp rule Message-ID: <20011120091243.C4583@dx.net.de>
* Mogens Valentin wrote on Mon, Nov 19, 2001 at 17:55 +0100:
> ipchains -A -p tcp -s 0/0 -d 0/0 smtp -j accept or even
This rule isn't of correct syntax. Did you misstyped in this mail
or in the script? Try:
ipchains -I input -p tcp -s 0/0 -d 0/0 smtp -j ACCEPT
> ipchains -A input -p tcp -i $PUBLICIFC ! -y -j ACCEPT
SMTP needs -y packets at first of course, and if you accept only
non-SYN packets, no TCP handshake could be established.
> There's a whole bunch of rules, so please ask for what's needed.
I would suggest to add a log rule like:
ipchains -A input -j REJECT --log
or similar to have the rejects (or denies) in the syslog. Then
you see if something get's blocked accidentially.
oki,
Steffen
-- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
- Previous message: Scott Gifford: "Re: Disappearing entries in wtmp"
- In reply to: Mogens Valentin: "Ipchains and smtp rule"
- Next in thread: Mogens Valentin: "Re: Ipchains and smtp rule"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
