[ale] iptables rules
- Subject: [ale] iptables rules
- From: cfowler at outpostsentinel.com (Christopher Fowler)
- Date: Wed Aug 4 14:58:13 2004
Here is one rule set:
/sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d 192.168.1.254/32 --dport 25 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d 0.0.0.0/0 --dport 25 -j DROP
Shouldn't the exception be before the rule?
On Wed, 2004-08-04 at 14:45, Christopher Fowler wrote:
> I have a machine on the network that I need to protect my bandwidth
> from. This is a windows box and it is clear to me that it can not be
> trusted.
>
> My firewall is 192.168.1.254 and I want it to be able to go to port 25
> of that machine but not out the public interface. I also want to block
> all outgoing ports other than 80.
>
> 2 Trojans were found on this machine and I think it has become a spam
> box.
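The ordering question above, as an added example that is not part of the original message: a small model of first-match evaluation in an iptables chain, applied to the two posted rules. It assumes the built-in ACCEPT target for the exception, models only the source, destination and port matches (not `-i` or the choice of chain), and uses a constructed client address, 192.168.254.10.

```python
import ipaddress

# Constructed model of the two posted rules, in posted order:
# (source net, destination net, tcp dport, target)
RULES = [
    ("192.168.254.0/24", "192.168.1.254/32", 25, "ACCEPT"),  # the exception
    ("192.168.254.0/24", "0.0.0.0/0", 25, "DROP"),           # the general rule
]
REVERSED = list(reversed(RULES))  # general rule first, exception second


def verdict(rules, src, dst, dport, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r_src, r_dst, r_port, target in rules:
        if (s in ipaddress.ip_network(r_src)
                and d in ipaddress.ip_network(r_dst)
                and dport == r_port):
            # ACCEPT and DROP are terminating targets: evaluation stops here.
            return target
    return policy


def shadowed(rules):
    """Indexes of rules that can never match because an earlier rule covers them."""
    dead = []
    for i, (src, dst, port, _) in enumerate(rules):
        for e_src, e_dst, e_port, _ in rules[:i]:
            if (port == e_port
                    and ipaddress.ip_network(src).subnet_of(ipaddress.ip_network(e_src))
                    and ipaddress.ip_network(dst).subnet_of(ipaddress.ip_network(e_dst))):
                dead.append(i)
                break
    return dead


if __name__ == "__main__":
    client = "192.168.254.10"  # constructed host on the untrusted subnet
    for name, rules in (("posted order", RULES), ("reversed order", REVERSED)):
        print(name)
        print("  to firewall :25 ->", verdict(rules, client, "192.168.1.254", 25))
        print("  to internet :25 ->", verdict(rules, client, "203.0.113.5", 25))
        print("  unreachable rules:", shadowed(rules))
```

In the posted order the exception is reachable and SMTP to anything else is dropped; with the order reversed, the broad DROP matches first and the exception never fires.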