
Blocking outgoing SMTP

Discussion in 'Sveasoft Firmware' started by rsscp1, Jan 15, 2005.

  1. rsscp1

    rsscp1 Network Guru Member

    I have several computers in my network and one mail server. What I would like to do is block outgoing SMTP traffic from the computers (192.168.0.0/24) to the WAN, but allow SMTP traffic from the mail server (192.168.0.1) to the WAN, for added security. I have been trying to do this with iptables, but I don't have that much experience configuring iptables firewalls. Does anyone know how to accomplish this?
     
  2. jotne

    jotne Network Guru Member

    A good question I also would like to have an answer to. It's good policy to block outgoing SMTP traffic due to virus and other spam problems.
     
  3. rsscp1

    rsscp1 Network Guru Member

    I think I figured it out.

    Code:
    # Drop port 25 from the whole LAN in every chain it can cross
    /usr/sbin/iptables -I INPUT -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    /usr/sbin/iptables -I OUTPUT -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    
    # Inserted afterwards with -I, so these ACCEPT rules land above the DROP rules
    # and only the mail server is allowed out on port 25
    /usr/sbin/iptables -I INPUT -p tcp -s 192.168.0.11 --dport 25 -j ACCEPT
    /usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.11 --dport 25 -j ACCEPT
    
    The reason I want to block outgoing SMTP traffic is indeed to avoid the possibility of viruses and spam being able to spread through SMTP. I am fairly positive that the computers in my network are clean and secure, but you never know. I would rather not get a phone call from my ISP one day and find out they cut me off due to viruses being sent from my network.
     
  4. jotne

    jotne Network Guru Member

    Since I am a newbie with the WRT54G, I have to ask how to get these lines into the box and make them permanent. :huh:
     
  5. rsscp1

    rsscp1 Network Guru Member

    The lines have to be added to the rc_firewall script. To do this, type:

    Code:
    nvram set rc_firewall='#!/bin/sh
    # Drop port 25 from the whole LAN
    /usr/sbin/iptables -I INPUT -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    /usr/sbin/iptables -I OUTPUT -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
    # Inserted last with -I, so the mail server exception sits above the DROP rules
    /usr/sbin/iptables -I INPUT -p tcp -s 192.168.0.11 --dport 25 -j ACCEPT
    /usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.11 --dport 25 -j ACCEPT'
    
    And to save the script to the RAM:

    Code:
    nvram commit
    
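To see why the order of the -I commands in the two scripts above matters, here is a small first-match model of the FORWARD chain, added as an example and not code from the thread or the Sveasoft firmware: the LAN range and the 192.168.0.11 mail server address come from the posts, while the parser and the sample hosts are constructed.

```python
import ipaddress
import shlex

# Constructed model of the FORWARD-chain rules posted above, in the order the
# script runs them. This is first-match evaluation only, not real iptables.
RULES_INSERTED = """
/usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.0/24 --dport 25 -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -s 192.168.0.11 --dport 25 -j ACCEPT
"""
# The same two commands with -A (append at the tail) instead of -I.
RULES_APPENDED = RULES_INSERTED.replace(" -I ", " -A ")

def parse_rule(line):
    """Read one iptables command into (chain, mode, match dict, target)."""
    argv = shlex.split(line)
    chain = mode = target = None
    match = {}
    for flag, val in zip(argv[1::2], argv[2::2]):
        if flag in ("-I", "-A"):
            mode, chain = flag, val
        elif flag == "-p":
            match["proto"] = val
        elif flag == "-s":
            match["src"] = ipaddress.ip_network(val, strict=False)
        elif flag == "--dport":
            match["dport"] = int(val)
        elif flag == "-j":
            target = val
    return chain, mode, match, target

def build_chains(script):
    """Run the commands in order: -I puts a rule at the head, -A at the tail."""
    chains = {}
    for line in script.strip().splitlines():
        chain, mode, match, target = parse_rule(line)
        rules = chains.setdefault(chain, [])
        rules.insert(0 if mode == "-I" else len(rules), (match, target))
    return chains

def verdict(chains, chain, src, dport, proto="tcp", policy="ACCEPT"):
    """Walk the chain top to bottom; the first matching rule decides."""
    src = ipaddress.ip_address(src)
    for match, target in chains.get(chain, []):
        if (match.get("proto", proto) == proto
                and match.get("dport", dport) == dport
                and ("src" not in match or src in match["src"])):
            return target
    return policy  # chain policy when nothing matched
```

With the two commands appended instead of inserted, the mail server is dropped as well, because its ACCEPT rule then sits below the subnet-wide DROP.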
     
  6. stefor

    stefor Network Guru Member

    Hi all,
    I am a newbie with the WRT54GS and Linksys too, but I have strong knowledge of firewalls.

    Where can I find tutorials that explain how to run such commands and get a list of the available commands?
     
