[Shorewall-users] Is is possible to do "shorewall reject 1.1.1.1 tcp 25"

Ben Greiner bgreiner at uni-koeln.de
Fri Feb 11 19:38:28 PST 2005


Sorry, one more comment: if you do it this way, the "blacklist" will be 
lost after shorewall restart, if you don't save it elsewhere.

On 12.02.2005 04:36, Ben Greiner wrote:

> I didn't tried it, but what I would do is:
>
> - creating a new zone, let's say "rsmtp"
>
> - creating a rule that for hosts in this zone smtp access should be 
> rejected
>
> - dynamically adding hosts to this zone via shorewall add
>
> The rule should appear somewhere in the beginning of the rules file, 
> before other traffic from net is handled.
>
> /ben
>
>
> On 12.02.2005 03:38, Alex Martin wrote:
>
>> Hello,
>>
>> Is is possible to do "shorewall reject 1.1.1.1 tcp 25" ?
>>
>> So I can dynamically blacklist offensive smtp senders, but only have 
>> shorewall reject certain types (smtp) traffic from them?
>>
>> Thanks,
>>
>> Alex Martin
>> http://www.rettc.com
>>
>> _______________________________________________
>> Shorewall-users mailing list
>> Post: Shorewall-users at lists.shorewall.net
>> Subscribe/Unsubscribe: 
>> https://lists.shorewall.net/mailman/listinfo/shorewall-users
>> Support: http://www.shorewall.net/support.htm
>> FAQ: http://www.shorewall.net/FAQ.htm
>>
>
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>



More information about the Shorewall-users mailing list