LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   iptables (https://www.linuxquestions.org/questions/linux-security-4/iptables-210487/)

sanjibgupta 07-28-2004 01:11 AM
iptables
 
I have linux8.0 masquarading server having to 2 cards. eth0 has a live ip and eth1 is a private ip (192.168.20.x). All mails should come into eth0 by are mails comming to eth1. How do i stop this.
Sanjib Gupta


Jul 28 11:39:44 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=28779 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 28 11:39:51 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=29567 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 28 11:40:02 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=31360 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0

ppuru 07-28-2004 01:58 AM
Insert this rule appropriately

iptables -I INPUT -i eth1 -p tcp --dport 25 -j REJECT -m state --state NEW

Also, when you post logs, mask a few octets of the IP addresses - you can still edit your current post so your IPs won't land in a potential attacker's list of 'to probe' IPs.


All times are GMT -5. The time now is 04:56 PM.