[TCLUG] quick iptable rule

Thu Jan 29 10:05:18 CST 2004

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't know the exact rule syntax, but if rules are processed
top-down, allow outbound traffic from 10.100.100.6 on port 25, then
block all outbound traffic on 25.

Just a stab in the dark, hope it helps.

> -----Original Message-----
> From: tclug-list-bounces at mn-linux.org 
> [mailto:tclug-list-bounces at mn-linux.org] On Behalf Of Raymond
> Norton Sent: Thursday, January 29, 2004 8:30 AM
> To: tclug-list at mn-linux.org
> Subject: [TCLUG] quick iptable rule
> 
> 
> I have a bunch of schools getting clobbered with the latest 
> greatest virus. Several are using IPCop and Shorewall. What 
> would be a good rule to stop all workstations from being able 
> to send out anything destined for port 25 except to the mail 
> server at 10.100.100.6?
> 
> Simply put, I want workstations to utilize the local mail 
> server but not be able to send mail to any other server.
> 
> Most schools are running two interfaces on their firewall.
> 
> 
> Thanks in advance
> 
> 
> Raymond
> 
> 
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota 
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQBks/tRLIBm9yjm3EQLb2wCcDKa+e8pjgF4yeV22DALPMya4Qh8AoNJE
m7SGeiH6T6X+2YTjIJWGfNtb
=tpHW
-----END PGP SIGNATURE-----

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list