*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :log-smtp - [0:0] -A INPUT -p udp -m udp --dport 161 ! -s 18.0.0.0/8 -j REJECT -A OUTPUT -p tcp -m tcp --dport 25 --syn -j log-smtp -A log-smtp -m owner --uid-owner postfix -j RETURN -A log-smtp -m owner --uid-owner nrpe -o lo -j RETURN # 537644531=scripts (for heartbeat) -A log-smtp -m owner --uid-owner 537644531 -o lo -j RETURN -A log-smtp -j LOG --log-prefix "SMTP " --log-uid -A log-smtp -o lo -j RETURN # 18.9.28.100=outgoing.mit.edu -A log-smtp -d 18.9.28.100 -j RETURN -A log-smtp -j REJECT --reject-with icmp-admin-prohibited COMMIT