I tried what you suggested. But I changed the IP address to the IP address of my Exchange server?
The email doesn't work when I do this.
Here are the rules as of now.
/sbin/iptables -A INPUT -p tcp --syn -s 10.2.2.120/32 --destination-port 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --syn -s 10.2.2.120/32 --destination-port 1241 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --syn -s 10.2.2.6/32 --destination-port 25 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --syn -j DROP
Those rules, Mark, are controlling access _into_ your Linux box, which is not what you want.
Firewall rules are not to be trifled with... too easy to lock yourself out of your box. For the record, though, some tips:
1. Always ACCEPT all traffic to/from the loopback (127.0.0.1) interface.
2. Then specifically ACCEPT those types of traffic that are OK to you. For example, you can ACCEPT all traffic out, and use iptables features to automatically allow back in any responses received. You can also specifically ACCEPT incoming requests for connection on port 22, for example, as you have done above.
3. Finally, after you are done ACCEPTing, set the default policy to DROP.
Note that, as I mentioned earlier, a secure, safe and happy firewall is but 30 minutes away if you go get Shorewall and read the quick-start guides.
-- Rodolfo J. Paiz [EMAIL PROTECTED]
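The three tips above as a script, added here as an example and not part of either message: it prints the rules in the order the tips give and lints that order before anything is applied. The admin host 10.2.2.120 comes from the rules quoted earlier; the function names, the APPLY switch and the use of the conntrack match are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the thread). ADMIN_HOST is taken from the quoted rules.
ADMIN_HOST="${ADMIN_HOST:-10.2.2.120}"
IPT="${IPT:-/sbin/iptables}"

# Print the commands, one per line, in the order they must be applied.
emit_rules() {
    # Tip 1: loopback is always allowed, in both directions.
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    echo "$IPT -A OUTPUT -o lo -j ACCEPT"
    # Tip 2: allow everything out, and let replies to it back in.
    echo "$IPT -A OUTPUT -j ACCEPT"
    echo "$IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Tip 2: new inbound SSH connections from the admin host only.
    echo "$IPT -A INPUT -p tcp --syn -s $ADMIN_HOST/32 --dport 22 -j ACCEPT"
    # Tip 3: only after every ACCEPT is in place, drop the rest by default.
    echo "$IPT -P INPUT DROP"
    echo "$IPT -P FORWARD DROP"
    echo "$IPT -P OUTPUT DROP"
}

# Lint rules read from stdin: fail if an ACCEPT follows a DROP policy (lockout
# risk while applying), or if the loopback or reply rules are missing.
check_rules() {
    awk '
        BEGIN { bad = 0 }
        / -P [A-Z]+ DROP/ { policy_seen = 1 }
        / -j ACCEPT/ && policy_seen { print "ACCEPT after DROP policy: " $0; bad = 1 }
        / -i lo / && / -j ACCEPT/ { lo = 1 }
        / --ctstate ESTABLISHED,RELATED / { replies = 1 }
        END {
            if (!lo) { print "missing loopback ACCEPT"; bad = 1 }
            if (!replies) { print "missing ESTABLISHED,RELATED ACCEPT"; bad = 1 }
            exit bad
        }'
}

# Lint first; run the commands only when APPLY=1 (needs root), else just print.
run() {
    rules=$(emit_rules)
    printf '%s\n' "$rules" | check_rules || return 1
    if [ "${APPLY:-0}" = 1 ]; then printf '%s\n' "$rules" | sh; else printf '%s\n' "$rules"; fi
}

run
```

Run it without APPLY set to review the output; when applying over SSH, keep a second session or console access open in case a rule is wrong.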