It sounds to me that what he wants is to block packets to/from port 25, except for outgoing packets to a specific IP address.

----- Original Message -----
From: "Holger Bauer" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, December 22, 2005 12:10 AM
Subject: AW: [pfSense-discussion] block port 25

At WAN (incoming) everything is blocked by default. If you want to send this port through to a mailserver, just create a NAT for this port to this machine at portforward. Make sure "autocreate firewall rule" is checked.

If you only want to block port 25 outgoing, create a block rule at your LAN interface that blocks proto tcp, source "not mailserver ip" with any port, destination any with port 25. This rule has to go above the default allow LAN to any rule.

Another option would be to redirect the port 25 "silently" to your mailserver like done in this example:
http://www.pfsense.com/screens/redirect_lan_to_another_mail_server.PNG

(btw, this belongs to [email protected] and not [EMAIL PROTECTED]. Please use the appropriate list next time.)

Holger

> -----Original Message-----
> From: dny [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 22 December 2005 08:54
> To: [email protected]
> Subject: [pfSense-discussion] block port 25
>
>
> Is there a way to block all incoming and outgoing access to port 25,
> with only one exception if it is going through a legitimate
> mail server.
>
> How can I accomplish this?
>
> tnx&rgds,
> dny
> www.ngobrol.com
>
> ... but that which cometh out of the mouth,
> this defileth a man. Mat 15:11
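
Added example, not part of the original thread and not pfSense code: a small Python model of first-match rule evaluation on the LAN interface, showing why the port 25 block rule with the negated mailserver source has to sit above the default allow LAN to any rule. The addresses, the Rule class and the deny-when-nothing-matches fallback are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addresses for the illustration (not from the thread).
MAILSERVER = ipaddress.ip_network("192.168.1.10/32")
LAN_NET = ipaddress.ip_network("192.168.1.0/24")

@dataclass(frozen=True)
class Rule:
    action: str                       # "block" or "pass"
    proto: Optional[str] = None       # None = any protocol
    src: Optional[ipaddress.IPv4Network] = None  # None = any source
    src_negate: bool = False          # True models source "not <src>"
    dst_port: Optional[int] = None    # None = any destination port

    def matches(self, proto: str, src_ip: str, dst_port: int) -> bool:
        if self.proto is not None and proto != self.proto:
            return False
        if self.src is not None:
            inside = ipaddress.ip_address(src_ip) in self.src
            if inside == self.src_negate:   # negation flips the source test
                return False
        return self.dst_port is None or dst_port == self.dst_port

# The rule from the reply: block tcp, source "not mailserver ip", dest port 25.
BLOCK_SMTP = Rule("block", proto="tcp", src=MAILSERVER, src_negate=True, dst_port=25)
# Stand-in for the default "allow LAN to any" rule.
ALLOW_LAN = Rule("pass", src=LAN_NET)

CORRECT_ORDER = [BLOCK_SMTP, ALLOW_LAN]
WRONG_ORDER = [ALLOW_LAN, BLOCK_SMTP]

def evaluate(rules, proto: str, src_ip: str, dst_port: int) -> str:
    """Top-down evaluation: the first matching rule decides."""
    for rule in rules:
        if rule.matches(proto, src_ip, dst_port):
            return rule.action
    return "block"  # assumption: nothing matched means the packet is dropped

def smtp_verdicts(rules) -> dict:
    return {
        "workstation_smtp": evaluate(rules, "tcp", "192.168.1.50", 25),
        "mailserver_smtp": evaluate(rules, "tcp", "192.168.1.10", 25),
        "workstation_https": evaluate(rules, "tcp", "192.168.1.50", 443),
    }

if __name__ == "__main__":
    print("block rule above allow:", smtp_verdicts(CORRECT_ORDER))
    print("block rule below allow:", smtp_verdicts(WRONG_ORDER))
```

With the block rule below the allow rule, the workstation's port 25 traffic matches the allow rule first and never reaches the block.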
