All of lore.kernel.org
 help / color / mirror / Atom feed
* sendmail : dport 25 , sport 25 or both?
@ 2004-01-22  7:50 Rakotomandimby Mihamina
  2004-01-22 10:42 ` Ted Kaczmarek
  0 siblings, 1 reply; 3+ messages in thread
From: Rakotomandimby Mihamina @ 2004-01-22  7:50 UTC (permalink / raw)
  To: netfilter

HEllo ,
I'm running sendamil on my box .
I'm dropping all outgoing packets ( policy ) .
I want the sendmail packets not to be dropped , have i got to allow outgoing 
"--sport 25" packets , "--dport 25" or just "--ports 25" 

thanks in advance for your help .

-- 
Rakotomandimby Mihamina Andrianifaharana
Tel : +33 2 38 76 43 65
http://stko.dyndns.info/site_principal/Members/mihamina



^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: sendmail : dport 25 , sport 25 or both?
  2004-01-22  7:50 sendmail : dport 25 , sport 25 or both? Rakotomandimby Mihamina
@ 2004-01-22 10:42 ` Ted Kaczmarek
  2004-01-22 11:50   ` Rakotomandimby Mihamina
  0 siblings, 1 reply; 3+ messages in thread
From: Ted Kaczmarek @ 2004-01-22 10:42 UTC (permalink / raw)
  To: Rakotomandimby Mihamina; +Cc: netfilter

If the daemon listens on port 25, then the connection will be destined
to it on port 25. 

So 
Input chain allows destination port 25
Output chain allows source port 25

Do you have a specific need for blocking all output packets?


Ted


On Thu, 2004-01-22 at 02:50, Rakotomandimby Mihamina wrote:
> HEllo ,
> I'm running sendamil on my box .
> I'm dropping all outgoing packets ( policy ) .
> I want the sendmail packets not to be dropped , have i got to allow outgoing 
> "--sport 25" packets , "--dport 25" or just "--ports 25" 
> 
> thanks in advance for your help .



^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: sendmail : dport 25 , sport 25 or both?
  2004-01-22 10:42 ` Ted Kaczmarek
@ 2004-01-22 11:50   ` Rakotomandimby Mihamina
  0 siblings, 0 replies; 3+ messages in thread
From: Rakotomandimby Mihamina @ 2004-01-22 11:50 UTC (permalink / raw)
  To: netfilter

On Thursday 22 January 2004 11:42, Ted Kaczmarek wrote:
> If the daemon listens on port 25, then the connection will be destined
> to it on port 25.

yes . 

> So
> Input chain allows destination port 25
> Output chain allows source port 25

OK.

> Do you have a specific need for blocking all output packets?

yes . security reason . i think if someone has succeded intrusion , i could 
block outgoing traffic , so that it would not be easy for him to manage 
it ... is it crazzy ? :-) 

-- 
Rakotomandimby Mihamina Andrianifaharana
Tel : +33 2 38 76 43 65
http://stko.dyndns.info/site_principal/Members/mihamina



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-01-22 11:50 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-01-22  7:50 sendmail : dport 25 , sport 25 or both? Rakotomandimby Mihamina
2004-01-22 10:42 ` Ted Kaczmarek
2004-01-22 11:50   ` Rakotomandimby Mihamina

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.