* Loading Additional Modules
From: harish.k @ 2002-10-28 11:54 UTC
To: netfilter
Hi list,
I want to load the modules ip_conntrack_ftp and ip_nat_ftp automatically
whenever the OS boots. I use Red Hat 7.3 and iptables-1.2.5-3.
How do I go about it?
Rgds
--
Harish K

* Re: Loading Additional Modules
From: Cedric Blancher @ 2002-10-28 12:34 UTC
To: harish.k; +Cc: netfilter

On Mon 28/10/2002 at 12:54, harish.k@lntinfotech.com wrote:
> I want to load the modules ip_conntrack_ftp and ip_nat_ftp automatically
> whenever the OS boots. I use Red Hat 7.3 and iptables-1.2.5-3.
> How do I go about it?

man 5 modules

--
Cédric Blancher <blancher@cartel-securite.fr>
Systems and network security consultant - Cartel Sécurité
Tel: +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE

* Re: Loading Additional Modules
From: hare ram @ 2002-10-28 13:34 UTC
To: netfilter, harish.k

Hi

put the modprobe with the ipconnection track in your rc.local
so it will automatically load

check after boot
#lsmod

hare

----- Original Message -----
From: <harish.k@lntinfotech.com>
To: <netfilter@lists.netfilter.org>
Sent: Monday, October 28, 2002 5:24 PM
Subject: Loading Additional Modules

> Hi list,
>
> I want to load the modules ip_conntrack_ftp and ip_nat_ftp automatically
> whenever the OS boots. I use Red Hat 7.3 and iptables-1.2.5-3.
> How do I go about it?
>
> Rgds
> --
> Harish K

* Rules for blocking Email from libero.it domain
From: Sundaram Ramasamy @ 2002-10-28 14:04 UTC
To: netfilter, harish.k

Hi,

I want to block all incoming mail from the libero.it domain. I have a NATed
mail server.

I set the following rules in my firewall, but still I am getting mails from
this domain.

Can you please help on this?

#libero.it - 195.210.91.83
SIP=195.210.91.83
$IPT -A INPUT -s $SIP -j LOG --log-prefix="spam: "
$IPT -A INPUT -s $SIP -j DROP

$IPT -A INPUT -s $SIP -j LOG --log-prefix="spam: "
$IPT -A FORWARD -s $SIP -j DROP

[root@gw root]# dig libero.it

; <<>> DiG 9.2.0 <<>> libero.it
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8861
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;libero.it.                  IN      A

;; ANSWER SECTION:
libero.it.           86169   IN      A       195.210.91.83

;; AUTHORITY SECTION:
libero.it.           86169   IN      NS      ns2.libero.it.
libero.it.           86169   IN      NS      ns1.libero.it.

;; Query time: 4 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Oct 28 09:00:45 2002
;; MSG SIZE rcvd: 79

-SR

* Re: Rules for blocking Email from libero.it domain
From: Antony Stone @ 2002-10-28 15:06 UTC
To: netfilter

On Monday 28 October 2002 2:04 pm, Sundaram Ramasamy wrote:

> Hi,
>
> I want to block all incoming mail from the libero.it domain.

Configure your mail server to reject it.

Netfilter is not the right answer to this question.

Antony.

--
Never write it in Perl if you can do it in Awk.
Never do it in Awk if sed can handle it.
Never use sed when tr can do the job.
Never invoke tr when cat is sufficient.
Avoid using cat whenever possible.

* Re: Rules for blocking Email from libero.it domain
From: Andrew Smith @ 2002-10-28 23:17 UTC
To: netfilter

> On Monday 28 October 2002 2:04 pm, Sundaram Ramasamy wrote:
>
>> Hi,
>>
>> I want to block all incoming mail from the libero.it domain.
>
> Configure your mail server to reject it.
>
> Netfilter is not the right answer to this question.
>
> Antony.

Actually, that depends on the reason.

If the problem is that you keep getting large amounts of email
from libero.it then I think you may have to use the firewall.
I'm only guessing, but when I view my maillog it always
seems to know the size of each email that has been blocked,
so I presume I am actually getting the email then it is
being rejected (unless the sendmail protocol passes this
value across and that is what is being displayed?)

I've never actually looked into it though.
Useful if someone knows for sure (otherwise I'll get around
to it one day and actually test it to be sure :-)

However, as suggested before, you need to block all the smtp
servers for libero.it - not just one of them.

--
-Cheers
-Andrew

MS ... if only he hadn't been hang gliding!

* Re: Rules for blocking Email from libero.it domain
From: Antony Stone @ 2002-10-29 8:50 UTC
To: netfilter

On Monday 28 October 2002 11:17 pm, Andrew Smith wrote:

> >> Hi,
> >>
> >> I want to block all incoming mail from the libero.it domain.
> >
> > Configure your mail server to reject it.
> >
> > Netfilter is not the right answer to this question.
> >
> > Antony.
>
> If the problem is that you keep getting large amounts of email
> from libero.it then I think you may have to use the firewall.
> I'm only guessing, but when I view my maillog it always
> seems to know the size of each email that has been blocked,
> so I presume I am actually getting the email then it is
> being rejected (unless the sendmail protocol passes this
> value across and that is what is being displayed?)

The latter is correct. Before an email is transmitted, the sender tells the
receiver what size it is so that the receiver can decide whether it has space
to accept it. Most mail servers will have some upper limit (probably 10Mb -
50Mb these days) on the size of mail they will accept.

An email server will typically check the address of the machine trying to
send the email (in things like ordb.org for example), the sender's address,
the recipient's address, and the size of the mail before it decides whether
it's prepared to receive the actual email or not.

Even things like the recipient's address can be more complicated than you
might expect, because you can limit things like the total number of
recipients for a single email as well as checking individual addresses.

Antony.

--
I vote "no" to this proposal to form a committee to investigate whether we
should or should not hold a ballot on whether to vote yet.

* Re: Rules for blocking Email from libero.it domain
From: Adam D. Barratt @ 2002-10-29 10:40 UTC
To: netfilter

Antony Stone wrote Tuesday, October 29, 2002 8:50 AM

> The latter is correct. Before an email is transmitted, the sender tells the
> receiver what size it is so that the receiver can decide whether it has space
> to accept it.

In most cases, no such decision takes place. Specifically, there are very
few servers (IME) that actually implement the SIZE extension, as defined in
RFC1870.

Note that RFC2821 discourages decisions based on message size:

  "Since the introduction of Internet standards for multimedia mail
  [12], message lengths on the Internet have grown dramatically, and
  message size restrictions should be avoided if at all possible. SMTP
  server systems that must impose restrictions SHOULD implement the
  "SIZE" service extension [18], and SMTP client systems that will send
  large messages SHOULD utilize it when possible."

Adam

* Re: Rules for blocking Email from libero.it domain
From: Antony Stone @ 2002-10-29 13:04 UTC
To: netfilter

On Tuesday 29 October 2002 10:40 am, Adam D. Barratt wrote:

> Antony Stone wrote Tuesday, October 29, 2002 8:50 AM
>
> > The latter is correct. Before an email is transmitted, the sender tells
> > the receiver what size it is so that the receiver can decide whether it
> > has space to accept it.
>
> In most cases, no such decision takes place. Specifically, there are very
> few servers (IME) that actually implement the SIZE extension, as defined in
> RFC1870.
>
> Note that RFC2821 discourages decisions based on message size.

Hmmm. I suppose everyone assumes that mail servers have infinite hard disk
capacity these days...

Antony.

--
Which part of 'apt-get dist-upgrade' do you not understand ???

* Re: Rules for blocking Email from libero.it domain
From: Danny Thuering @ 2002-10-28 15:30 UTC
To: Sundaram Ramasamy, netfilter

hi,

dig just tells you which servers will accept mail for libero.it:

; <<>> DiG 9.2.1 <<>> libero.it any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18016
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;libero.it.                  IN      ANY

;; ANSWER SECTION:
libero.it.           86391   IN      MX      10 smtp4.libero.it.
libero.it.           86391   IN      MX      10 smtp5.libero.it.
libero.it.           86391   IN      MX      10 smtp6.libero.it.
libero.it.           86391   IN      NS      ns1.libero.it.
libero.it.           86391   IN      NS      ns2.libero.it.

;; AUTHORITY SECTION:
libero.it.           86391   IN      NS      ns1.libero.it.
libero.it.           86391   IN      NS      ns2.libero.it.

;; ADDITIONAL SECTION:
smtp4.libero.it.     86391   IN      A       193.70.192.54
smtp5.libero.it.     86391   IN      A       193.70.192.55
smtp6.libero.it.     86391   IN      A       193.70.192.59

;; Query time: 2 msec
;; SERVER: 195.20.81.60#53(195.20.81.60)
;; WHEN: Mon Oct 28 16:25:39 2002
;; MSG SIZE rcvd: 205

if all mail from libero.it is sent over smtp[456] you can block them.
but it is much better if you use your sendmail (qmail,...) mailgateway to
deny all mail from libero.it.

bye danny

Sundaram Ramasamy wrote:
| Hi,
|
| I want to block all incoming mail from the libero.it domain. I have a NATed
| mail server.
|
| I set the following rules in my firewall, but still I am getting mails from
| this domain.
|
| Can you please help on this?
|
| #libero.it - 195.210.91.83
| SIP=195.210.91.83
| $IPT -A INPUT -s $SIP -j LOG --log-prefix="spam: "
| $IPT -A INPUT -s $SIP -j DROP
|
| $IPT -A INPUT -s $SIP -j LOG --log-prefix="spam: "
| $IPT -A FORWARD -s $SIP -j DROP
|
|
| [root@gw root]# dig libero.it
|
| ; <<>> DiG 9.2.0 <<>> libero.it
| ;; global options: printcmd
| ;; Got answer:
| ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8861
| ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
|
| ;; QUESTION SECTION:
| ;libero.it.                  IN      A
|
| ;; ANSWER SECTION:
| libero.it.           86169   IN      A       195.210.91.83
|
| ;; AUTHORITY SECTION:
| libero.it.           86169   IN      NS      ns2.libero.it.
| libero.it.           86169   IN      NS      ns1.libero.it.
|
| ;; Query time: 4 msec
| ;; SERVER: 192.168.1.1#53(192.168.1.1)
| ;; WHEN: Mon Oct 28 09:00:45 2002
| ;; MSG SIZE rcvd: 79
|
| -SR
|
|

--
Linux xtc i686 ~
16:25:01 up 8 days, 22:12, 3 users, load average: 0.97, 0.93, 0.91
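
Added example, not part of the original thread: a shell sketch of the firewall option described in the message above, turning the MX hosts' A records (rather than the A record of the bare domain) into SMTP-only DROP rules for the FORWARD chain that a NATed mail server's traffic crosses. It assumes, as the message does, that all mail from libero.it is sent through those hosts; the names `mx_drop_rules` and `DIG_SAMPLE` are hypothetical, the records are constructed from the dig output quoted in the thread, and the rules are printed, not applied.

```shell
#!/bin/sh
# Constructed sample: records copied from the two dig outputs in the thread.
DIG_SAMPLE=';; ANSWER SECTION:
libero.it.        86169 IN A  195.210.91.83
libero.it.        86391 IN MX 10 smtp4.libero.it.
libero.it.        86391 IN MX 10 smtp5.libero.it.
libero.it.        86391 IN MX 10 smtp6.libero.it.
libero.it.        86391 IN NS ns1.libero.it.
;; ADDITIONAL SECTION:
smtp4.libero.it.  86391 IN A  193.70.192.54
smtp5.libero.it.  86391 IN A  193.70.192.55
smtp6.libero.it.  86391 IN A  193.70.192.59'

# mx_drop_rules CHAIN  (hypothetical helper; dig-format records on stdin)
# Prints one DROP rule per MX host address, limited to TCP port 25.
# A records that do not belong to an MX target are ignored, which is
# why 195.210.91.83 (the bare-domain A record) produces no rule.
mx_drop_rules() {
    chain=$1
    awk -v chain="$chain" '
        $1 ~ /^;/ || NF < 5      { next }          # dig comments, blanks
        $3 == "IN" && $4 == "MX" { mx[$6] = 1 }    # MX target host names
        $3 == "IN" && $4 == "A"  { addr[$1] = $5 } # host name -> address
        END {
            for (h in mx)
                if (h in addr)
                    printf "iptables -A %s -p tcp --dport 25 -s %s -j DROP\n",
                           chain, addr[h]
        }' | sort
}

# FORWARD, not INPUT: the mail server sits behind the firewall (NAT),
# so its SMTP traffic is forwarded rather than delivered locally.
printf '%s\n' "$DIG_SAMPLE" | mx_drop_rules FORWARD
```
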