At WAN (Incoming) everything is blocked by default. If you want to send this port through to a mailserver just create a NAT for this port to this machine at portforward. make sure the "autocreate firewall rule is checked". If you only want to block port 25 outgoing create a block rule at your LAN interface that blocks proto tcp, source "not mailserver ip" with any port, destination any with port 25. This rule has to go above the default alow lan to any rule. Another option would be to redirect the port 25 "silently" to your mailserver like done in this example: http://www.pfsense.com/screens/redirect_lan_to_another_mail_server.PNG
(btw, this belongs to [email protected] and not [EMAIL PROTECTED] please use the appropriate list next time) Holger > -----Ursprüngliche Nachricht----- > Von: dny [mailto:[EMAIL PROTECTED] > Gesendet: Donnerstag, 22. Dezember 2005 08:54 > An: [email protected] > Betreff: [pfSense-discussion] block port 25 > > > is there a way to block all incoming and outgoing access to port 25, > with only one exception if it is going through a legitimate > mail server. > > how can i accomplish this? > > tnx&rgds, > dny > www.ngobrol.com > > ... but that which cometh out of the mouth, > this defileth a man. Mat 15:11 > ____________ Virus checked by G DATA AntiVirusKit
