source: trunk/server/fedora/config/etc/sysconfig/ip6tables @ 2700

Last change on this file since 2700 was 2700, checked in by andersk, 7 years ago
Block outgoing port 25 Exceptions are made for localhost, outgoing.mit.edu, and (temporarily) the cssa user. Closes: #403
File size: 427 bytes
Line 
1*filter
2:INPUT ACCEPT [0:0]
3:FORWARD ACCEPT [0:0]
4:OUTPUT ACCEPT [0:0]
5:log-smtp - [0:0]
6-A log-smtp -o lo -j RETURN
7-A OUTPUT -p tcp -m tcp --dport 25 --syn -j log-smtp
8-A log-smtp -m owner --uid-owner postfix -j RETURN
9-A log-smtp -j LOG --log-prefix "SMTP " --log-uid
10# 536957056=cssa (temporary exception)
11-A log-smtp -m owner --uid-owner 536957056 -j RETURN
12-A log-smtp -j REJECT --reject-with icmp6-adm-prohibited
13COMMIT
Note: See TracBrowser for help on using the repository browser.