On Thu, 29 Jan 2004, Raymond Norton wrote:

> I have a bunch of schools getting clobbered with the latest greatest virus.
> Several are using IPCop and Shorewall. What would be a good rule to stop all
> workstations from being able to send out anything destined for port 25
> except to the mail server at 10.100.100.6?
>
> Simply put, I want workstations to utilize the local mail server but not be
> able to send mail to any other server.
>
> Most schools are running two interfaces on their firewall.

The rules are processed "first match", so the best thing to do right
now is to allow what you know is needed, then deny everything.

Shorewall works OK, but allow a day or two to get your ruleset right
before you deploy it widely.

--
Daniel Taylor
dante at argle.org
Forget diamonds, Copyright is forever.
_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list
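The "first match" ordering described in the reply above, as an added example that is not part of the original thread: a small Python model (not Shorewall or IPCop syntax) of an ordered ruleset, with a check for rules that can never fire because an earlier rule already covers them. Only 10.100.100.6 and port 25 come from the thread; the rule tuples, function names, the 192.0.2.25 test address and the DROP default policy are assumptions.

```python
import ipaddress

MAIL_SERVER = "10.100.100.6"  # from the thread

# Constructed ruleset: (action, protocol, destination port, destination network).
# Order matters: the specific allow comes before the general deny.
RULES = [
    ("ACCEPT", "tcp", 25, MAIL_SERVER + "/32"),  # workstations -> local mail server
    ("REJECT", "tcp", 25, "0.0.0.0/0"),          # SMTP to any other server
]


def first_match(rules, proto, dport, dest, default="DROP"):
    """Return (action, rule index) for the first matching rule.

    Falls back to the default policy (assumed to be DROP) with index None.
    """
    addr = ipaddress.ip_address(dest)
    for i, (action, r_proto, r_port, r_net) in enumerate(rules):
        if (r_proto, r_port) == (proto, dport) and addr in ipaddress.ip_network(r_net):
            return action, i
    return default, None


def shadowed(rules):
    """Indices of rules that can never match under first-match evaluation.

    A rule is shadowed when an earlier rule has the same protocol and port
    and a destination network that contains this rule's network.
    """
    hidden = []
    for i, (_, proto, port, net) in enumerate(rules):
        this_net = ipaddress.ip_network(net)
        for _, e_proto, e_port, e_net in rules[:i]:
            if (e_proto, e_port) == (proto, port) and this_net.subnet_of(
                ipaddress.ip_network(e_net)
            ):
                hidden.append(i)
                break
    return hidden


if __name__ == "__main__":
    wrong_order = list(reversed(RULES))  # deny first: the allow is never reached
    for name, rules in (("allow-then-deny", RULES), ("deny-then-allow", wrong_order)):
        print(name, "shadowed rules:", shadowed(rules))
        for dest in (MAIL_SERVER, "192.0.2.25"):  # 192.0.2.25 is a documentation address
            print("  tcp/25 ->", dest, first_match(rules, "tcp", 25, dest))
```

Running `shadowed()` over a ruleset before deploying it is a cheap way to catch an allow rule that was placed below the deny that swallows it.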