Hi David, On Sat, Feb 07, 2004 at 12:51:33PM +0200, David Harel told us: > Hi all, > > > I tried a command: > $IPTABLES -A OUTPUT -p TCP -i $LAN_IFACE -s $LAN_IP_RANGE --dport smtp > -j DROP > but it did nothing. This will only stop traffic generated on your gateway. To stop traffic going _through_ the gateway you will need to put this rule in the FORWARD rule instead of OUTPUT, so replace OUTPUT with FORWARD, you might try something like this: $IPTABLES -A FORWARD -p tcp --dprt 25 -i $LAN_IFACE -o $EXT_IFACE \ -j REJECT --reject-with tcp-reset HTH Sven > > What can I do to block those messages sending attempts? > > -- > Thanks. > > David Harel, > -- Linux zion 2.6.3-rc1 #1 Sat Feb 7 19:08:35 CET 2004 i686 athlon i386 GNU/Linux 21:11:01 up 28 min, 2 users, load average: 0.12, 0.06, 0.05
Attachment:
pgp00766.pgp
Description: PGP signature
