Last change
on this file since 2742 was
2708,
checked in by andersk, 9 years ago
|
Remove temporary outgoing port 25 exemption for cssa
|
File size:
614 bytes
|
Rev | Line | |
---|
[39] | 1 | *filter |
---|
[1689] | 2 | :INPUT ACCEPT [0:0] |
---|
[39] | 3 | :FORWARD ACCEPT [0:0] |
---|
[1689] | 4 | :OUTPUT ACCEPT [0:0] |
---|
[2614] | 5 | :log-smtp - [0:0] |
---|
| 6 | -A INPUT -p udp -m udp --dport 161 ! -s 18.0.0.0/8 -j REJECT |
---|
[2700] | 7 | -A OUTPUT -p tcp -m tcp --dport 25 --syn -j log-smtp |
---|
[2614] | 8 | -A log-smtp -m owner --uid-owner postfix -j RETURN |
---|
[2701] | 9 | -A log-smtp -m owner --uid-owner nrpe -o lo -j RETURN |
---|
| 10 | # 537644531=scripts (for heartbeat) |
---|
| 11 | -A log-smtp -m owner --uid-owner 537644531 -o lo -j RETURN |
---|
[2614] | 12 | -A log-smtp -j LOG --log-prefix "SMTP " --log-uid |
---|
[2701] | 13 | -A log-smtp -o lo -j RETURN |
---|
[2700] | 14 | # 18.9.28.100=outgoing.mit.edu |
---|
| 15 | -A log-smtp -d 18.9.28.100 -j RETURN |
---|
| 16 | -A log-smtp -j REJECT --reject-with icmp-admin-prohibited |
---|
[39] | 17 | COMMIT |
---|
Note: See
TracBrowser
for help on using the repository browser.