On Wed, 1 Apr 2020 09:51:31 +1300 Peter <pe...@pajamian.dhs.org> wrote:
> On 1/04/20 1:42 am, Ranjan Maitra wrote: > > On Tue, 31 Mar 2020 19:41:58 +1300 Peter <pe...@pajamian.dhs.org> wrote: > > > >> On 31/03/20 5:42 pm, Bob Proulx wrote: > >>> The "$vpn" part is a variable was simply a placeholder for the IP > >>> address of your VPN connected relayhost. It would be an IP address > >>> like 93.184.216.34 but put in the IP address of your relay host that > >>> is only accessible when the VPN is up. > >>> > >>> iptables -A OUTPUT -o 93.184.216.34 -m tcp --dport 25 -j ACCEPT > >>> iptables -A OUTPUT -m tcp --dport 25 -j REJECT > >>> > >>> But replace 93.184.216.34 with the IP address of your VPN relay host. > >>> I simply used an actual address inorder to clarify the example. > >> > >> Actually it's an interface name (such as tun0), not an IP address: > >> > >> > >> [!] -o, --out-interface name > >> Name of an interface via which a packet is going to be > >> sent (for packets entering the FORWARD, OUTPUT and POSTROUTING chains). > >> When the "!" argument is used before the > >> interface name, the sense is inverted. If the > >> interface name ends in a "+", then any interface which begins with this > >> name will match. If this option is omitted, any > >> interface name will match. > >> > > > > Hi, > > > > Thanks very much! My VPN interface ic alled cscotun0 so I use: > > > > $ sudo iptables -A OUTPUT -o cscotun0 -m tcp --dport 25 -j ACCEPT > > iptables: Invalid argument. Run `dmesg' for more information. > > It should be -p tcp not -m tcp. > > > I run dmesg but I am not sure what to find there. > > Look for an error from ip_tables towards the end of the messages. > Hi, Sorry, but I did the following: sudo iptables -A OUTPUT -o cscotun0 -p tcp --dport 25 -j ACCEPT sudo iptables -A OUTPUT -p tcp --dport 25 -j REJECT However, what has happened is that all my mail going out has stopped? How do I revert it back to what I used to have? Also, what is going wrong? Many thanks, Ranjan
