Re: ipfwadm

Jose R. Marte A. Fri, 19 Mar 1999 16:27:38 -0500


----------
> From: Richard Stearn <[EMAIL PROTECTED]>
> To: Robin Gilks <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: ipfwadm
> Date: Friday, March 19, 1999 3:59 PM
> 
> > Greetings all
> > 
> > Can anyone tell me the difference between the policy 'deny' and 
> > that 'reject' ?
> 
> deny   - the firewall drops the packet on the floor and does not reply
> reject - firewall returns a "connection refused" reply
> 
> > I'm trying to stop a server sending me smtp when I connect to it (I
prefer
> > using POP) but I don't want to _not_ run an smtp server. It seems that
> > if I use the rule
> >     ipfwadm -I -a reject -S any/0 smtp 
> > then icmp 'port unreachable' is generated but that doesn't seem to
disuade
> > the server from continuing to try!! If I use

Hi Robin,
You can try this:

ipfwadm -I -f
ipfwadm -I -a reject -P tcp  -S anywhere/0 -D yourNetwork/24  25  

# 25 is the SMTP Port

i hope this help you
73's Jose (HI8GN)



> 
> The sending system probably assumes the fault is temporary and keeps
trying
> 
> >     ipfwadm -I -a deny -S any/0 smtp 
> > then it doesn't appear to stop anything!!
> 
> The sending system will timeout; eventually.
> 
> > All I want to do it run the ampr.org DNS without emptying the company
mail
> > account into the linux box here!!!!
> 
> You will need to get the ISP to turn off the smtp delivery of mail to the
> account you are using. Probably not what you want to do.
> 
> > --
> > 73 de Robin                             Hub manager gb7ipd
> > 
> > g8ecj.ampr.org. IP 44.131.161.112       Located in Flackwell Heath
IO91po
> > NTS: G8ECJ@GB7TVG.#42.GBR.EU            AmprNet:  
[EMAIL PROTECTED]
> > Internet: [EMAIL PROTECTED] 
http://www.gb7ipd.freeserve.co.uk/
> > Shack: (+44) 1628 533311                Fax:  (+44) 1628 850165
> 
> 
> -- 
> Regards
>       Richard
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Amateur radio callsign: G1SOG         Home BBS: G1SOG@GB7SDN.#49.GBR.EU
>                 Amprnet co-ordinator for Wiltshire
> My opinions are mine, all mine. None to spare for unopinionated masses.
> This message comes from a WinTel free zone.   CPU = Cyrix,  OS = Linux.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: ipfwadm

Reply via email to
