From: "Gáspár Lajos" <swifty@freemail.hu>
To: "Juan Carlos Peláez Mendoza" <jcpelaez@gmail.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Blocking SMTP Worm
Date: Thu, 26 Oct 2006 11:27:50 +0200 [thread overview]
Message-ID: <45407F96.8090000@freemail.hu> (raw)
In-Reply-To: <19fb1ac90610241253u1bc73507u42f133845f60e3cc@mail.gmail.com>
Juan Carlos Peláez Mendoza írta:
> Baltasar,
>
> I think what you say is right, the traffic that the tcpdump shows is
> before applying the filters and rules, The IP that I mentioned it's
> now blocked, but another IP's are beggining to send traffic through
> the interface,
>
> how can I do to stop the traffic to my LAN but not to my linux box,
> because this is my Mail Server and is the only one that I want to send
> traffic at this port???
>
iptables -A FORWARD -j DROP -p tcp --dport 25
This will drop every smtp traffic that goes through your box!
Remember: This is the FORWARD chain!
It is not the nicest solution... :)
Take a look on my script ! :)
https://lists.netfilter.org/pipermail/netfilter/2006-August/066404.html
Swifty
> 14:51:55.442934 IP 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp >
> 192.168.0.163.4115: P 168:192(24) ack 168 win 17353
> 14:51:55.443055 IP 192.168.0.163.4115 >
> 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: . ack 192 win 65344
> 14:51:55.659325 IP 192.168.0.163.4115 >
> 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: P 168:190(22) ack
> 192 win 65344
> 14:51:56.554482 IP 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp >
> 192.168.0.163.4115: P 192:210(18) ack 190 win 17331
> 14:51:56.665159 IP 192.168.0.163.4115 >
> 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: . ack 210 win 65326
>
>
> Thanks,
>
>
> Juan Carlos Peláez Mendoza
>
next prev parent reply other threads:[~2006-10-26 9:27 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <19fb1ac90610240653x69cc1951g9766d7c809ddecef@mail.gmail.com>
2006-10-24 13:54 ` Blocking SMTP Worm Juan Carlos Peláez Mendoza
2006-10-24 14:04 ` Gáspár Lajos
2006-10-24 14:19 ` Juan Carlos Peláez Mendoza
[not found] ` <9e12c5a529145622a46a6cbe5fc05e4b@former03.de>
2006-10-24 19:53 ` Juan Carlos Peláez Mendoza
2006-10-26 9:27 ` Gáspár Lajos [this message]
2006-10-31 19:54 ` R. DuFresne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45407F96.8090000@freemail.hu \
--to=swifty@freemail.hu \
--cc=jcpelaez@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox