On Wed, 26 Dec 2001, Michael McLagan wrote:

> Last login: Sun Jun 3 18:26:57 2001 from os2.invlogic.com
> Linux 2.2.18.
> No mail.
> [mmclagan@xtian:/home/mmclagan] $ telnet os2.invlogic.com smtp
> Trying 198.182.196.9...
> Connected to os2.invlogic.com.
> Escape character is '^]'.
> 220-os2.invlogic.com Sendmail IBM OS/2 SENDMAIL VERSION 2.02/2.0 ready at
> Wed, 26 Dec 2001 11:58:33 -0500
> 220 ESMTP spoken here
> quit
> 221 os2.invlogic.com closing connection
> Connection closed by foreign host.
> [mmclagan@xtian:/home/mmclagan] $
>
> My reading of the man pages, etc says that the following line in the
> /etc/sysconfig/iptables file (using RH 7.2 - the same line is in the /proc
> files) on router.invlogic.com:
>
> [0:0] -A INPUT -d 198.182.196.9 -p tcp -m tcp --dport 25 -j REJECT \
> --reject-with icmp-port-unreachable
>
> should have blocked the above session. In fact, I've got rules for 20, 21, 23
> and 25 for that system and none of them is getting blocked. I've attached the
> .config that I compiled the kernel with in case there's an option that I forgot
> to include to make this all work.
>
> Any input will be greatly appreciated!
>

The input chain is for packets with a local destination. You probably want
that rule in the forward chain on the router.

- James
--
James Morris
<jmorris@intercode.com.au>
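
The mistake discussed in this thread can be checked for mechanically. The following is an added example, not part of the original messages: a shell function that reads iptables-save style rules and reports INPUT rules whose `-d` address is not one of the router's own, printed as they would read in FORWARD. The function name `misplaced_input_rules`, the router address 192.0.2.1 and the second and third sample rules are assumptions constructed for illustration; only the first sample rule comes from the thread.

```shell
#!/bin/sh
# Usage: misplaced_input_rules LOCAL_ADDR... < rules-file
# LOCAL_ADDR are the addresses configured on the firewall host itself.
# A rule in INPUT with -d set to any other address never sees routed
# traffic, because forwarded packets traverse FORWARD, not INPUT.
misplaced_input_rules() {
    awk -v locals="$*" '
        BEGIN {
            n = split(locals, a, " ")
            for (i = 1; i <= n; i++) is_local[a[i]] = 1
        }
        {
            chain = ""; dst = ""
            # Lines may start with a "[pkts:bytes]" counter, so scan all fields.
            for (i = 1; i <= NF; i++) {
                if ($i == "-A") chain = $(i + 1)
                # Skip negated destination matches ("! -d addr" or "-d ! addr").
                if (($i == "-d" || $i == "--destination") &&
                    $(i - 1) != "!" && $(i + 1) != "!") dst = $(i + 1)
            }
            sub(/\/32$/, "", dst)   # iptables-save may append /32 to a host
            if (chain == "INPUT" && dst != "" && !(dst in is_local)) {
                line = $0
                sub(/-A INPUT/, "-A FORWARD", line)
                print line
            }
        }
    '
}

# Constructed sample: rule 1 is the rule quoted in the thread (joined onto
# one line); rules 2 and 3 and the address 192.0.2.1 are made up.
SAMPLE_RULES='[0:0] -A INPUT -d 198.182.196.9 -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
[0:0] -A INPUT -d 192.0.2.1 -p tcp -m tcp --dport 22 -j ACCEPT
[0:0] -A FORWARD -d 198.182.196.9 -p tcp -m tcp --dport 23 -j REJECT --reject-with icmp-port-unreachable'

# Assume the router itself owns only 192.0.2.1.
printf '%s\n' "$SAMPLE_RULES" | misplaced_input_rules 192.0.2.1
```

Only the port 25 rule is reported: its destination is a host behind the router, so the match has to live in FORWARD to take effect.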