Juan Carlos Peláez Mendoza wrote:
Baltasar, I think what you say is right: the traffic that tcpdump shows is before applying the filters and rules. The IP that I mentioned is now blocked, but other IPs are beginning to send traffic through the interface. How can I stop the traffic to my LAN but not to my Linux box, because this is my mail server and is the only one that I want to send traffic at this port?
iptables -A FORWARD -j DROP -p tcp --dport 25

This will drop all SMTP traffic that goes through your box! Remember: this is the FORWARD chain! It is not the nicest solution... :)

Take a look at my script! :)
https://lists.netfilter.org/pipermail/netfilter/2006-August/066404.html

Swifty
14:51:55.442934 IP 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp > 192.168.0.163.4115: P 168:192(24) ack 168 win 17353
14:51:55.443055 IP 192.168.0.163.4115 > 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: . ack 192 win 65344
14:51:55.659325 IP 192.168.0.163.4115 > 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: P 168:190(22) ack 192 win 65344
14:51:56.554482 IP 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp > 192.168.0.163.4115: P 192:210(18) ack 190 win 17331
14:51:56.665159 IP 192.168.0.163.4115 > 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: . ack 210 win 65326

Thanks,
Juan Carlos Peláez Mendoza
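
Added example, not part of the original messages: a small Python model of why the FORWARD rule above stops SMTP passing through the box while leaving the mail server on the box itself alone. It classifies tcpdump lines (two from the capture above, two constructed) by the filter chain they would traverse; the box addresses in `BOX_ADDRS` and the constructed lines are assumptions, since the thread does not give the box's own IPs.

```python
import re

# Assumption: addresses owned by the Linux box itself (not given in the thread).
BOX_ADDRS = {"192.168.0.1", "203.0.113.10"}
SERVICES = {"smtp": 25}  # tcpdump prints well-known ports by name
LINE = re.compile(r"^\S+ IP (\S+) > (\S+): ")

def split_endpoint(endpoint):
    """tcpdump prints host.port; the port is whatever follows the last dot."""
    host, port = endpoint.rsplit(".", 1)
    return host, SERVICES[port] if port in SERVICES else int(port)

def chain_for(src, dst):
    """Filter-table chain a packet traverses, as decided by routing."""
    if dst in BOX_ADDRS:
        return "INPUT"    # addressed to the box (its own mail server)
    if src in BOX_ADDRS:
        return "OUTPUT"   # generated by the box
    return "FORWARD"      # routed through the box to or from the LAN

def verdict(line):
    """Model `iptables -A FORWARD -j DROP -p tcp --dport 25` on one TCP line."""
    m = LINE.match(line)
    if not m:
        raise ValueError("not a tcpdump IP line: %r" % line)
    (src, _sport), (dst, dport) = (split_endpoint(e) for e in m.groups())
    chain = chain_for(src, dst)
    hit = chain == "FORWARD" and dport == 25
    return chain, "DROP" if hit else "no match"

# Two lines copied from the capture in the thread.
PAGE_LINES = [
    "14:51:55.442934 IP 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp > 192.168.0.163.4115: P 168:192(24) ack 168 win 17353",
    "14:51:55.443055 IP 192.168.0.163.4115 > 61-64-104-223-adsl-tai.STATIC.so-net.net.tw.smtp: . ack 192 win 65344",
]
# Constructed lines: mail arriving at, and leaving from, the box itself.
CONSTRUCTED = [
    "14:52:00.000000 IP 198.51.100.7.40000 > 203.0.113.10.smtp: S 1:1(0) win 5840",
    "14:52:01.000000 IP 203.0.113.10.40001 > 198.51.100.7.smtp: S 1:1(0) win 5840",
]

if __name__ == "__main__":
    for line in PAGE_LINES + CONSTRUCTED:
        print(verdict(line), line[:60])
```

Only the LAN host's packets toward port 25 match the rule; the replies carry source port 25 and do not match, but with the outbound direction dropped no new SMTP session can be set up through the box.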