LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Using hosts.allow to allow only postfix to use port 25 (https://www.linuxquestions.org/questions/linux-server-73/using-hosts-allow-to-allow-only-postfix-to-use-port-25-a-714978/)

Mogget 03-27-2009 08:08 PM

Using hosts.allow to allow only postfix to use port 25
 
My question is.

Is it possible to use /etc/hosts.allow or something similar to block everything except postfix smtp on my port 25 out and in? I've opened up the port with iptables but after walking through the man pages i don't see any option to say which program can use the open port in iptables.

Thanks in advance for taking your time to answer this question.

chrism01 03-28-2009 01:27 AM

Only one program at a time can bind to a specific port, so if postfix has attached to that port (ie usual setup) then you don't need to worry.
Postfix if an SMTP server, so it won't give up that port unless you kill postfix.
Note that a port isn't really 'open' unless a program is attached to it. Its a bit of a misnomer, its not like a porthole on a ship...

Mogget 03-28-2009 04:32 AM

I do know that if there is nothing listening to the port then the port can be considered "closed" but i didn't know that one can only have one listening service per port. Thank you very much to for clearing that up for me.

reptiler 03-28-2009 04:36 AM

The only thing I know of that is capable of limiting a service to a specific port, or the other way around, is SELinux.
Possibly also AppArmor can do it, but I can't confirm that.


All times are GMT -5. The time now is 11:56 AM.