LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-28-2004, 01:11 AM   #1
sanjibgupta
Member
 
Registered: Apr 2003
Location: Kolkata
Posts: 215

Rep: Reputation: 30
iptables


I have linux8.0 masquarading server having to 2 cards. eth0 has a live ip and eth1 is a private ip (192.168.20.x). All mails should come into eth0 by are mails comming to eth1. How do i stop this.
Sanjib Gupta


Jul 28 11:39:44 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=28779 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 28 11:39:51 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=29567 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 28 11:40:02 cb kernel: mail_out IN=eth1 OUT= MAC=00:d0:09:86:2e:99:00:00:e2:19:84:17:08:00 SRC=218.236.106.56 DST=202.141.148.23 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=31360 DF PROTO=TCP SPT=2431 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0
 
Old 07-28-2004, 01:58 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 50
Insert this rule appropriately

iptables -I INPUT -i eth1 -p tcp --dport 25 -j REJECT -m state --state NEW

Also, when you post logs, mask a few octets of the IP addresses - you can still edit your current post so your IPs won't land in a potential attacker's list of 'to probe' IPs.

Last edited by ppuru; 07-28-2004 at 02:02 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
An error occured getting IPtables status from the command /etc/rc.d/init.d/iptables s CrazyMAzeY Linux - Newbie 10 08-12-2010 05:25 AM
Iptables - Couldn't load target `ACCPET':/lib/iptables/libipt_ACCPET.so: z00t Linux - Security 3 01-26-2004 02:24 AM
IPtables Log Analyzer from http://www.gege.org/iptables/ brainlego Linux - Software 0 08-11-2003 06:08 AM
iptables book wich one can you pll recomment to be an iptables expert? linuxownt Linux - General 2 06-26-2003 04:38 PM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration