Hi
I have an SMTP relayhost on one IP of my network (it relays mail for two dedicated servers I have elsewhere).
I got a report of spam today, but I've been through the logs and have examples of the spam headers, so I know it's not coming from the relayhost (I have to investigate which of the kids' computers has the bot on it, but that's for later).
So anyway I thought I could create a rule in /jffs/scripts/firewall-start to only allow one IP through the router on port 25
Code:
iptables -A FORWARD -p tcp --dport 25 ! -s 192.168.1.19 -j DROP
it does run as I see this in iptables -L
Code:
DROP tcp -- !picmail anywhere tcp dpt:smtp
But the router drops everything to 25. This is in the LOG
Code:
May 14 18:51:56 kernel: DROP <4>DROPIN=br0 OUT=ppp0 <1>SRC=192.168.1.19 DST=5.152.193.75 <1>LEN=52 TOS=0x10 PREC=0x00 TTL=63 ID=43329 DF PROTO=TCP <1>SPT=46499 DPT=25 SEQ=1312024236 ACK=0 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405AC0101040201030304)
I have tried the INPUT chain as well. Still blocks all port 25 packets.
I have also tried the versions below (separately) amongst other things
Code:
iptables -A FORWARD -p tcp --dport 25 -s ! 192.168.1.19 -j DROP
iptables -A INPUT -p tcp -s 192.168.1.19 --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A FORWARD -p tcp -s 192.168.1.19 --dport 25 -j ACCEPT
iptables -A FORWARD -p tcp --dport 25 -j DROP
I shouldn't be surprised, as I always struggle with iptables, but most of the stuff I've come across while searching seems to suggest my rule should work?
Any ideas, folks?
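An added example, not the poster's firewall-start script: it builds an explicit "allow the relay, log and drop everyone else" rule set for outbound SMTP, inserted at the head of FORWARD with -I so the router's own rules cannot be consulted first, and it includes a small helper that pulls SRC and DPT out of a netfilter LOG line. The log line from the post shows SRC=192.168.1.19, which a `! -s 192.168.1.19` rule can never match, so classifying dropped packets by source tells you whether the drop is coming from some other rule or from a host that should not be sending mail at all. The RELAY_IP, interface names and the second sample log line are taken from the post or constructed for illustration; `iptables -L FORWARD -v -n --line-numbers` is the standard way to see which rule is actually counting the drops.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the relay is
# 192.168.1.19 on br0 and the WAN is ppp0, as the poster's log line shows.

RELAY_IP="192.168.1.19"   # the only LAN host allowed to reach port 25 on the Internet
LAN_IF="br0"              # LAN bridge interface (from the log line)
WAN_IF="ppp0"             # WAN interface (from the log line)

# Print the iptables commands in the order they should run. -I puts them at
# the top of FORWARD (positions 1..3) so they are evaluated before any rule
# the router firmware installed; ACCEPT for the relay comes first, then a
# logged DROP for every other LAN source. Nothing is applied here; pipe the
# output to sh on the router once you have reviewed it.
smtp_egress_rules() {
    printf '%s\n' \
      "iptables -I FORWARD 1 -i $LAN_IF -o $WAN_IF -p tcp --dport 25 -s $RELAY_IP -j ACCEPT" \
      "iptables -I FORWARD 2 -i $LAN_IF -o $WAN_IF -p tcp --dport 25 -j LOG --log-prefix 'SMTP-BLOCK '" \
      "iptables -I FORWARD 3 -i $LAN_IF -o $WAN_IF -p tcp --dport 25 -j DROP"
}

# Extract one KEY=VALUE field from a netfilter LOG line. The router's syslog
# prefixes some fields with printk level markers such as <1>, so those are
# stripped before matching. Usage: log_field "<line>" KEY
log_field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed 's/^<[0-9]*>//' | sed -n "s/^$2=//p" | head -n 1
}

# Classify a dropped-packet log line:
#   not-smtp                     - destination port is not 25, irrelevant here
#   relay-blocked-by-other-rule  - the permitted relay was dropped, so the
#                                  drop did not come from a "! -s RELAY_IP" rule
#   unexpected-sender:<ip>       - some other LAN host is talking to port 25
classify_drop() {
    src=$(log_field "$1" SRC)
    dpt=$(log_field "$1" DPT)
    if [ "$dpt" != "25" ]; then
        echo "not-smtp"
    elif [ "$src" = "$RELAY_IP" ]; then
        echo "relay-blocked-by-other-rule"
    else
        echo "unexpected-sender:$src"
    fi
}

# Sample input: the first line is the one quoted in the post, the second is a
# constructed line for a hypothetical infected host 192.168.1.42.
SAMPLE_RELAY_LINE='May 14 18:51:56 kernel: DROP <4>DROPIN=br0 OUT=ppp0 <1>SRC=192.168.1.19 DST=5.152.193.75 <1>LEN=52 TOS=0x10 PREC=0x00 TTL=63 ID=43329 DF PROTO=TCP <1>SPT=46499 DPT=25 SEQ=1312024236 ACK=0 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405AC0101040201030304)'
SAMPLE_BOT_LINE='May 14 19:02:11 kernel: SMTP-BLOCK IN=br0 OUT=ppp0 SRC=192.168.1.42 DST=203.0.113.10 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=TCP SPT=51000 DPT=25 SYN URGP=0'

echo "# rules to apply:"
smtp_egress_rules
echo "# classification of sample log lines:"
classify_drop "$SAMPLE_RELAY_LINE"
classify_drop "$SAMPLE_BOT_LINE"
```

The LOG rule sits between ACCEPT and DROP so every blocked attempt is recorded with the "SMTP-BLOCK" prefix; grepping the router log for that prefix and feeding the lines through classify_drop gives a list of "unexpected-sender" addresses, which is exactly the list of candidate infected machines the poster wants.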