Can I allow port 25 connections from all but one specific address? Is this done with two separate lines?

ACCEPT net fw tcp 25
REJECT 61.13.162.55 fw tcp 25

Thanks,
Ken

> Can I allow port 25 connections from all but one specific address? Is
> this done with two separate lines?
>
> ACCEPT net fw tcp 25
> REJECT 61.13.162.55 fw tcp 25
>

You need to put the REJECT

--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://shorewall.sf.net
ICQ: #60745924 \ teastep@shorewall.net

> Can I allow port 25 connections from all but one specific address? Is
> this done with two separate lines?
>
> ACCEPT net fw tcp 25
> REJECT 61.13.162.55 fw tcp 25
>

You need to put the REJECT rule before the corresponding ACCEPT rule or code the ACCEPT rule as:

ACCEPT net:!61.13.162.55 fw tcp 25

You can also use the Blacklist facility to reject port 25 from particular IP addresses or you can do what most folks do and configure your MTA to reject mail from hosts that you don't want to hear from.

-Tom

--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://shorewall.sf.net
ICQ: #60745924 \ teastep@shorewall.net
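
The ordering point in the reply above, shown with a simplified first-match model of the rules columns. This is an added example, not Shorewall's code and not part of the original thread. The REJECT source is written zone-qualified as net:61.13.162.55 to match the syntax in the reply, and the DROP policy and the address 192.0.2.10 are assumptions made for the illustration.

```python
import ipaddress

def parse_rule(line):
    # Columns modelled: ACTION SOURCE DEST PROTO PORT; SOURCE is zone[:[!]address].
    action, source, dest, proto, port = line.split()
    zone, _, host = source.partition(":")
    net = ipaddress.ip_network(host.lstrip("!")) if host else None
    return {"action": action, "zone": zone, "net": net,
            "negate": host.startswith("!"), "match": (dest, proto, int(port))}

def source_matches(rule, zone, addr):
    if rule["zone"] != zone:
        return False
    if rule["net"] is None:          # bare zone: any host in that zone
        return True
    inside = ipaddress.ip_address(addr) in rule["net"]
    return inside != rule["negate"]  # "!" inverts the address test

def verdict(rules, zone, addr, dest, proto, port, policy="DROP"):
    # First matching rule wins; later rules are never consulted.
    # policy="DROP" is an assumed net->fw default, not stated in the thread.
    for rule in map(parse_rule, rules):
        if source_matches(rule, zone, addr) and rule["match"] == (dest, proto, port):
            return rule["action"]
    return policy

BLOCKED, OTHER = "61.13.162.55", "192.0.2.10"   # OTHER is a constructed sample address

ACCEPT_FIRST = ["ACCEPT net fw tcp 25", "REJECT net:61.13.162.55 fw tcp 25"]
REJECT_FIRST = ["REJECT net:61.13.162.55 fw tcp 25", "ACCEPT net fw tcp 25"]
EXCLUSION = ["ACCEPT net:!61.13.162.55 fw tcp 25"]

def compare():
    # Map each rule set to (verdict for the blocked host, verdict for another host).
    return {name: (verdict(rules, "net", BLOCKED, "fw", "tcp", 25),
                   verdict(rules, "net", OTHER, "fw", "tcp", 25))
            for name, rules in [("accept_first", ACCEPT_FIRST),
                                ("reject_first", REJECT_FIRST),
                                ("exclusion", EXCLUSION)]}

if __name__ == "__main__":
    for name, (blocked, other) in compare().items():
        print(f"{name:13} {BLOCKED} -> {blocked:6} {OTHER} -> {other}")
```

With the ACCEPT listed first, the REJECT is shadowed and never evaluated. With the exclusion form, the excluded host matches no rule and falls through to whatever policy applies, rather than receiving an explicit REJECT.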