On 14/5/23 08:14, Tom Reed wrote:
/usr/sbin/iptables -A INPUT -p tcp --dport 143 -j REJECT --reject-with
tcp-reset
/usr/sbin/iptables -A INPUT -p tcp --dport 587 -j REJECT --reject-with
tcp-reset
When I telnet from another host to the protected port, it gets timeout
message as follows.
telnet: Unable to connect to remote host: Connection timed out
IIRC, timeout should happen for iptables DROP action. Since I am using
REJECT, why the connect shouldn't get disconnected quickly?
There may be an earlier rule in your config that stops the REJECT rule being
hit.
check rule order with
|iptables -L -n -v The other possibility is you aren't running telnet.
netstat -tulnpW | grep 23 |
--
Jeremy
(Lists)
