> Will you help on this i have installed Iptables > firewall on my mail server with two eth cards eth0 > for internet and eth1 for lan > how can i protect from the attacks on 1st feb > please help me can i use same rules if yes > $IFACE_INET --???? > $IFACE_DMZ ---??? > can u tell me about this The attacks come from MS workstations that are infected by the virus, not from servers - if all is well. Assuming for the virus to succesfully start the attack, it has to have direct access (like NAT) to the internet (thus assuming that these viruses are not able to find out IE's proxy settings and use it..) So, do you use a proxy server or NAT for your clients to access the internet ? If my assumption above is true (I think it is, please correct me if I'm wrong) and your clients can only use the proxy server then you don't need any rules as the virus can't reach the internet directly anyway. The attack will then stop at your default gateway. Gr, Rob
