IPCHAINS question
Jerry Feldman
gaf at blu.org
Mon Oct 18 16:47:02 EDT 2004
I have a need to temporarily block port 25 (smtp). I've been reading the
howtos, but I don't want to get myself into a situation requiring a
reboot.
The existing rule is:
target prot opt src dst ports
ACCEPT tcp -y---- anywhere anywhere any->smtp
I just want to disable (or deny) it for a few minutes and then reenable
it.
However, I want to keep the MTA up and running, especially for outgoing.
Before I experiment, here is the specification I think should work
ipchains -R input -s 0/0 -d 0/0 25 -p tcp -y -j DENY
Then to reenable it:
ipchains -R input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
--- note that I need to do this for moving some mailman lists to another
server.
I need to keep the MTA up because the list admin is going to do approve or
reject a bunch of pending requests.
--
Jerry Feldman <gaf at blu.org>
Associate Director
Boston Linux and Unix
http://www.blu.org
More information about the Discuss
mailing list