----- Original Message -----
From: miah <jjohnson at sunrise-linux.com>
To: discuss at blu.org
Subject: Re: IPCHAINS question
Date: Mon, 18 Oct 2004 18:20:51 -0400

>
> 1. why ipchains? Surely you aren't running 2.2, if you're using 2.4,
> start using iptables.
>
> 2. To add a rule to deny incoming smtp:
> iptables -A INPUT -m tcp -p tcp --dport 25 --syn -j REJECT
>
> (reject is better than drop, I like to keep the internet working as it
> should)
>
> 3. To remove that rule:
> iptables -D INPUT -m tcp -p tcp --dport 25 --syn -j REJECT
>
> Your OUTPUT (eg, outgoing smtp) will still function.
>
> -miah

I hate to pick nits, but in this case I'll make an exception: to be
effective, a REJECT rule would have to be inserted instead of appended,
because there's probably an existing rule that allows port 25, and a REJECT
rule would never be used if it came after.

iptables -I INPUT 1 ....

Bill
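
The rule-ordering point in this thread, as an added example that is not part of either message: a simplified first-match model of the INPUT chain that replays `-A` and `-I` commands and reports which rule decides a new TCP connection to a given port. The function name `first_verdict`, the constructed base ruleset, and the completed `-I INPUT 1` rule (the thread's REJECT match placed after the position) are assumptions; rules with matches other than TCP destination port are skipped rather than evaluated.

```shell
#!/bin/sh
# Added example: replay iptables -A / -I commands for INPUT (read from stdin)
# and print "<position> <target>" of the first rule that would decide a new
# TCP connection to port $1. Simplified model: only "-p tcp --dport N" rules
# are evaluated; rules using other matches (state, source, ...) are skipped.
first_verdict() {
    awk -v port="$1" '
    $1 != "iptables" || $3 != "INPUT" { next }
    $2 == "-A" { chain[++n] = $0; next }            # append: goes last
    $2 == "-I" {                                     # insert: default position 1
        pos = ($4 ~ /^[0-9]+$/) ? $4 + 0 : 1
        for (i = n; i >= pos; i--) chain[i + 1] = chain[i]
        chain[pos] = $0; n++
    }
    END {
        for (r = 1; r <= n; r++) {                   # first match wins
            k = split(chain[r], f, " ")
            dport = ""; target = ""; skip = 0
            for (i = 4; i <= k; i++) {
                if (f[i] == "--dport") dport = f[++i]
                else if (f[i] == "-j") target = f[++i]
                else if (f[i] == "-p" || f[i] == "-m") { if (f[++i] != "tcp") skip = 1 }
                else if (f[i] == "--syn") continue   # a new connection is a SYN
                else if (i == 4 && f[i] ~ /^[0-9]+$/) continue   # -I position
                else skip = 1                        # match this model does not cover
            }
            if (skip || (dport != "" && dport != port)) continue
            print r, target; exit
        }
    }'
}

# Constructed sample ruleset: an existing configuration that allows port 25.
BASE='iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT'

# The same REJECT rule, appended versus inserted at position 1.
APPENDED="$BASE
iptables -A INPUT -m tcp -p tcp --dport 25 --syn -j REJECT"
INSERTED="$BASE
iptables -I INPUT 1 -m tcp -p tcp --dport 25 --syn -j REJECT"

echo "appended: $(printf '%s\n' "$APPENDED" | first_verdict 25)"
echo "inserted: $(printf '%s\n' "$INSERTED" | first_verdict 25)"
```

On a live host, `iptables -L INPUT -n --line-numbers` shows the actual rule order to check against.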