LinuxQuestions.org
Old 02-11-2004, 12:32 PM   #1
Optichip
Blocking Mail from addresses with IPTables


Hope someone can help!

I'd like to block incoming mail on my Linux router from specific IPs. Actually, I wouldn't mind blocking all traffic from these addresses. The reason that I want to block these IPs is that they are infected with MyDoom, and even though my mail server blocks the attached payload, I still receive 1000's of these mails from multiple addresses daily.

What I've tried that doesn't seem to work.....


iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP

(Added this in hopes to drop any packet received from the host ip in the header of the bad mail)

I run iptables simply for NAT and don't really have any other filtering going on. I'd love to have some kind of firewall settings that block just about everything other than web/mail/ssh/dns. Everything else I could care less about.


Thanks in advance,



Chris Staunton

Last edited by Optichip; 02-11-2004 at 12:34 PM.
 
Old 02-11-2004, 12:50 PM   #2
stirling
Let me know how this works out:

# make a new chain with name LBLOCK
iptables -N LBLOCK

# set the logging format (target names are case-sensitive: LOG, not log)
iptables -A LBLOCK -j LOG --log-prefix "BLOCK a=DROP "

# set to drop
iptables -A LBLOCK -j DROP

# drop and log any packets from ipaddr
iptables -I INPUT -i eth0 -s $ipaddr -j LBLOCK
iptables -I OUTPUT -o eth0 -d $ipaddr -j LBLOCK


edit: bugfix

Last edited by stirling; 02-11-2004 at 05:59 PM.
 
Old 02-11-2004, 07:53 PM   #3
Optichip
Figured it out...

Using FORWARD instead of INPUT is what I needed to do. Since NATing is happening as well, the rules were getting bypassed. FORWARD did the trick.
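
The LBLOCK chain from post #2 hooked into both INPUT and FORWARD, which is the fix described in post #3, as an added example that is not part of the original thread. It generates the rules in iptables-restore format from a validated address list; the function names `valid_ipv4` and `gen_block_rules` are hypothetical, `eth0` is taken from post #2, and the addresses are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). eth0 as the Internet-facing interface
# comes from post #2; the addresses in the demo call are constructed.
WAN_IF="eth0"

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print filter-table rules in iptables-restore format. Entries that fail
# validation are reported on stderr and never reach the ruleset.
gen_block_rules() {
    echo "*filter"
    echo ":LBLOCK - [0:0]"
    echo "-A LBLOCK -j LOG --log-prefix \"BLOCK a=DROP \""
    echo "-A LBLOCK -j DROP"
    for ip in "$@"; do
        if ! valid_ipv4 "$ip"; then
            echo "skipping invalid address: $ip" >&2
            continue
        fi
        # INPUT: packets addressed to the router itself.
        # FORWARD: packets routed/NATed through to a host behind it.
        echo "-I INPUT -i $WAN_IF -s $ip -j LBLOCK"
        echo "-I FORWARD -i $WAN_IF -s $ip -j LBLOCK"
    done
    echo "COMMIT"
}

# Demo with constructed addresses (RFC 5737 documentation ranges).
gen_block_rules 192.0.2.10 203.0.113.25 not-an-ip
```

Check the output with `iptables-restore --noflush --test` before loading it with `iptables-restore --noflush`; without `--noflush` the existing filter table is flushed first.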
 
  

