LinuxQuestions.org


abefroman 11-08-2005 12:27 PM

How can I block all traffic to port 110 to an IP using IPtables?

I have:
iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254:110 -j DROP

which didn't work. I also tried

iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254 --destination-port 110 -j DROP
and
iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254 -p 110 -j DROP
These didn't work either.

Thanks in advance

Matir 11-08-2005 01:09 PM

Don't use the NAT table for filtering. :)

Code:

iptables -A FORWARD -i eth1 -d 10.10.0.254 -p tcp --dport 110 -j DROP

ppuru 11-08-2005 01:15 PM

You can also use tcpwrappers to do the same -

Add the pop3 service to hosts.deny

abefroman 11-08-2005 02:05 PM

Quote:

Originally posted by Matir
Don't use the NAT table for filtering. :)

Thanks! Why shouldn't the nat be used for filtering?

Matir 11-09-2005 06:43 AM

Quote:

Originally posted by ppuru
You can also use tcpwrappers to do the same -

Add the pop3 service to hosts.deny

That only works if someone is making connections to your pop3 server, not a remote one through your machine.

Matir 11-09-2005 06:45 AM

Quote:

Originally posted by abefroman
Thanks! Why shouldn't the nat be used for filtering?

Mainly because that's not what it's intended for. Some of the matches and targets aren't available there. Additionally, it IS intended to do port forwarding, NAT, etc. The default table is the filter table, which is intended to handle filtering of this sort.

abefroman 11-09-2005 01:13 PM

I added
iptables -A FORWARD -i eth1 -d 10.10.0.254 -p tcp --dport 110 -j DROP

but email still goes through to 10.10.0.254, it should all be blocked though, no?

Matir 11-10-2005 06:41 AM

No... that would block POP3 connections to 10.10.0.254. If you are sending email, you need to look at SMTP.

ppuru 11-16-2005 07:26 PM

Where is the traffic coming in from? eth1 or eth0?
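
The three PREROUTING attempts and the FORWARD rule from this thread, run through a small rule checker. This is an added example, not part of any post: `lint_rule` and its finding names are hypothetical, it assumes IPv4 `iptables` syntax, and it only parses the command text without touching the firewall.

```shell
#!/bin/sh
# Added example: lint one iptables command line (IPv4) for the mistakes
# discussed in this thread. Prints space-separated finding names, or "ok".
# The body runs in a subshell "( ... )" so nothing leaks into the caller.
lint_rule() (
    table=filter proto="" target="" addr_port="" port_match="" prev=""
    set -f                                   # split on spaces, no globbing
    for tok in $1; do
        case "$prev" in
            -t|--table)    table=$tok ;;
            -p|--protocol) proto=$tok ;;
            -j|--jump)     target=$tok ;;
            -d|--destination|-s|--source)
                # -d/-s take an address or network; "addr:port" is not valid
                case "$tok" in *:*) addr_port=1 ;; esac ;;
        esac
        case "$tok" in
            --dport|--destination-port|--sport|--source-port) port_match=1 ;;
        esac
        prev=$tok
    done
    out=""
    note() { out="${out}${out:+ }$1"; }
    # Filtering verdicts in the nat table: use the filter table instead.
    if [ "$table" = nat ]; then
        case "$target" in DROP|REJECT) note nat-verdict ;; esac
    fi
    if [ -n "$addr_port" ]; then note addr-has-port; fi
    # "-p 110" selects IP protocol number 110, not TCP port 110.
    case "$proto" in ''|*[!0-9]*) ;; *) note proto-is-number ;; esac
    # Port matches need a port-carrying protocol (this sketch knows tcp, udp).
    if [ -n "$port_match" ]; then
        case "$proto" in tcp|udp) ;; *) note port-needs-proto ;; esac
    fi
    echo "${out:-ok}"
)

# Input below is copied from the posts above: three attempts, then the fix.
while IFS= read -r r; do
    printf '%-30s %s\n' "$(lint_rule "$r")" "$r"
done <<'EOF'
iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254:110 -j DROP
iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254 --destination-port 110 -j DROP
iptables -t nat -A PREROUTING -i eth1 -d 10.10.0.254 -p 110 -j DROP
iptables -A FORWARD -i eth1 -d 10.10.0.254 -p tcp --dport 110 -j DROP
EOF
```

A result of `ok` only means the rule avoids these four mistakes; whether it matches the traffic still depends on the chain (FORWARD for routed traffic, INPUT for traffic to the machine itself) and on the port (110 is POP3, not SMTP).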

