[ale] IP Chains question

James P. Kinney III jkinney at localnetsolutions.com
Mon Jun 23 09:24:04 EDT 2003


On Mon, 2003-06-23 at 08:44, Christopher Fowler wrote:
> I've got a friend who has an ipchains firewall and runs sendmail
> on that firewall.  I want to force all users to use that server
> as their MTA.  Is there any way using ipchains to block 
> all SMTP traffic from the internal net to the outside world? They
> are using NAT.
> 
ipchains -s <server> -d ! <internal>/<mask> --dport 25 -j ACCEPT
ipchains -s <internal>/<mask> -d ! <server> --dport 25 -j REJECT

I may have mixed ipchains and iptables nomenclature so do a quick man
ipchains. The first line allows the server/NAT box to get out, the
second blocks all inside boxes from accessing anything but the NAT box
for mail.

> Chris
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 

 This is a digitally signed message part




More information about the Ale mailing list