\_ [root@arrakis dsaxena]# ipchains -L
\_ Chain input (policy ACCEPT):
\_ target prot opt source destination ports
\_ DENY tcp ------ anywhere anywhere any -> 0:1024
\_ ACCEPT tcp ------ anywhere dyn-dsl1-148-phx.bazillion.com any -> smtp
\_ ACCEPT tcp ------ anywhere dyn-dsl1-148-phx.bazillion.com any -> nameserver
\_ ACCEPT tcp ------ anywhere dyn-dsl1-148-phx.bazillion.com any -> www
\_ Chain forward (policy ACCEPT):
\_ target prot opt source destination ports
\_ MASQ all ------ anywhere 192.168.0.0/24 n/a
\_ MASQ all ------ 192.168.0.0/24 anywhere n/a
\_ Chain output (policy ACCEPT):
Is it just me, or should that DENY rule come *after* you tell it what
you want to accept? Either that or set global system INPUT policy to
DENY. If you feed ipchains -nvL, you'll get a long listing including
some amusing things like packet counts matched by the rule, IIRC.
David
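
The ordering point raised in the reply, as an added example that is not part of the original message: a small first-match model of the quoted input chain that evaluates a packet and lists rules an earlier rule makes unreachable. The `Rule` tuple, the function names and the port numbers (smtp=25, nameserver=42, www=80, taken from the usual /etc/services entries) are assumptions for illustration.

```python
from typing import NamedTuple, Optional, Tuple

class Rule(NamedTuple):
    target: str
    proto: str
    dst: Optional[str]        # None stands for "anywhere"
    ports: Tuple[int, int]    # inclusive destination port range

HOST = "dyn-dsl1-148-phx.bazillion.com"

# Constructed from the quoted listing; port numbers are assumed (see lead-in).
QUOTED = [
    Rule("DENY", "tcp", None, (0, 1024)),
    Rule("ACCEPT", "tcp", HOST, (25, 25)),   # smtp
    Rule("ACCEPT", "tcp", HOST, (42, 42)),   # nameserver
    Rule("ACCEPT", "tcp", HOST, (80, 80)),   # www
]
# Same rules with the ACCEPTs moved ahead of the DENY.
REORDERED = QUOTED[1:] + QUOTED[:1]

def matches(rule, proto, dst, port):
    return (rule.proto in ("all", proto)
            and rule.dst in (None, dst)
            and rule.ports[0] <= port <= rule.ports[1])

def verdict(chain, policy, proto, dst, port):
    """The first matching rule decides; the policy applies only if none match."""
    for rule in chain:
        if matches(rule, proto, dst, port):
            return rule.target
    return policy

def covers(a, b):
    """True if every packet that matches b also matches a."""
    return (a.proto in ("all", b.proto)
            and a.dst in (None, b.dst)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def shadowed(chain):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, r in enumerate(chain)
            if any(covers(e, r) for e in chain[:i])]

if __name__ == "__main__":
    for name, chain in (("quoted", QUOTED), ("reordered", REORDERED)):
        print(name, "smtp ->", verdict(chain, "ACCEPT", "tcp", HOST, 25),
              "| shadowed rules:", shadowed(chain))
```

Passing `QUOTED[1:]` with a policy of `"DENY"` models the other suggestion in the reply; unlike the reordered chain, it also drops TCP ports above 1024.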