source: trunk/server/fedora/config/etc/sysconfig/ip6tables @ 2700

Last change on this file since 2700 was 2700, checked in by andersk, 10 years ago
Block outgoing port 25 Exceptions are made for localhost, outgoing.mit.edu, and (temporarily) the cssa user. Closes: #403
File size: 427 bytes
Line 
1*filter
2:INPUT ACCEPT [0:0]
3:FORWARD ACCEPT [0:0]
4:OUTPUT ACCEPT [0:0]
5:log-smtp - [0:0]
6-A log-smtp -o lo -j RETURN
7-A OUTPUT -p tcp -m tcp --dport 25 --syn -j log-smtp
8-A log-smtp -m owner --uid-owner postfix -j RETURN
9-A log-smtp -j LOG --log-prefix "SMTP " --log-uid
10# 536957056=cssa (temporary exception)
11-A log-smtp -m owner --uid-owner 536957056 -j RETURN
12-A log-smtp -j REJECT --reject-with icmp6-adm-prohibited
13COMMIT
Note: See TracBrowser for help on using the repository browser.