On Sun, 2005-02-06 at 14:54, Ted Gervais wrote:
> On Sun, 6 Feb 2005, Jason Opperisano wrote:
>
> > On Sun, 2005-02-06 at 13:51, Ted Gervais wrote:
> > > I have a problem getting mail packets to go out with my present firewall
> > > setup.
> >
> > is the mail server on a machine behind the firewall, or running on the
> > firewall itself?
>
> On the firewall.

k--here's the basic idea:

  # allow established packets in
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  # allow mail in
  iptables -A INPUT -p tcp --syn --dport 25 -j ACCEPT

  # allow established packets out
  iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  # allow mail out
  iptables -A OUTPUT -p tcp --syn --dport 25 -j ACCEPT

  # allow dns lookups out
  iptables -A OUTPUT -p udp --dport 53 -j ACCEPT

-j

--
"Well, I'm not calling you a liar, but... I can't think of a way to
finish that sentence."
	--The Simpsons
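Added example, not part of the original message: a shell check that reads an `iptables -S` dump and reports which of the five rules listed in the reply is absent. The sample dump, its DROP policies, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Audit an `iptables -S` dump for the five ACCEPT rules a mail server
# running on the firewall itself needs (per the reply above).

# has_rule CHAIN PATTERN FILE: true if an ACCEPT rule in CHAIN matches the ERE.
has_rule() {
    grep -E -- "^-A $1 .*-j ACCEPT\$" "$3" | grep -Eq -- "$2"
}

# audit_mail_rules FILE: print one line per missing rule; return 1 if any.
audit_mail_rules() {
    dump=$1; rc=0
    est='--(state|ctstate) [A-Z,]*ESTABLISHED'   # stateful return traffic
    smtp='-p tcp .*--dport 25( |$)'              # SMTP, not e.g. port 2525
    dns='-p udp .*--dport 53( |$)'               # resolver queries
    has_rule INPUT  "$est"  "$dump" || { echo "missing: INPUT established";  rc=1; }
    has_rule INPUT  "$smtp" "$dump" || { echo "missing: INPUT smtp";         rc=1; }
    has_rule OUTPUT "$est"  "$dump" || { echo "missing: OUTPUT established"; rc=1; }
    has_rule OUTPUT "$smtp" "$dump" || { echo "missing: OUTPUT smtp";        rc=1; }
    has_rule OUTPUT "$dns"  "$dump" || { echo "missing: OUTPUT dns";         rc=1; }
    return "$rc"
}

# Constructed sample in `iptables -S` format: inbound mail works, but the
# OUTPUT chain has no rule for new connections to port 25.
sample_dump() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
EOF
}

# Demo run on the constructed sample.
tmp=$(mktemp)
sample_dump > "$tmp"
audit_mail_rules "$tmp" || true
rm -f "$tmp"
```

On a live host the input would come from `iptables -S > rules.txt` run as root.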