08-15-2008
Usually, a mail client might resolve more then one IP for the same hostname, but it will connect to only one of those addresses for the duration of the session. So it shouldn't be a problem for your dynamic rules.
Your first log entry states rule 42 while in your ruleset rule 40 is the that should match.
do you use nat?
9 More Discussions You Might Find Interesting
1. IP Networking
I'd like to find out how to redirect Outbound packets.
So instead of having packets go to IP1 as they normally would, have them go to IP2 instead.
I believe this is possible using IPFW but I'm not sure. I've played with it, but haven't gotten too far.
Any ideas would be appreciated. (1 Reply)
Discussion started by: Seraph
1 Replies
2. Cybersecurity
Hello.
I hope you can help me please.
We are about to bring a few servers online which will be hosting different things...
For one server, it will be hosting a HTTPd, and just wanted to know whether these rules are correct that I have?
To ensure the right interfaces etc, here's a copy of... (1 Reply)
Discussion started by: DanUK
1 Replies
3. Shell Programming and Scripting
Hi,
If I want my script to send a mail to multiple recipients I can do the following:
if
then
echo $err_string1 | mailx -s "UAT CPU ALERT" 1@email.com
echo $err_string1 | mailx -s "UAT CPU ALERT" 2@email.com
fi
Can this also be done something like:
... (1 Reply)
Discussion started by: runnerpaul
1 Replies
4. IP Networking
hello,
i am searching a way to delay the incoming packets before it goes out of the system may i know how can i approach to this problem? (3 Replies)
Discussion started by: sameer kulkarni
3 Replies
5. Red Hat
Hi,
We have a router and devices for testing. We route devices with below command
iptables -t nat -A PREROUTING -p tcp -d 0/0 --dport 80 -s 10.111.111.22 -j DNAT --to-destination 10.13.0.16:3128
where 10.111.111.22 is device IP. and 10.13.0.16 is our Linux box machine.
Likewise we... (4 Replies)
Discussion started by: Dhruvak
4 Replies
6. Windows & DOS: Issues & Discussions
Hello
Is there an easy way to login to various ip's..one after the other. I need to login to about 30 aix boxes and put a file in each one...
Cheers (1 Reply)
Discussion started by: Grueben
1 Replies
7. UNIX for Dummies Questions & Answers
Hello
Is there an easy way to login to various ip's..one after the other. I need to login to about 30 aix boxes and put a file in each one...
Cheers (1 Reply)
Discussion started by: Grueben
1 Replies
8. Red Hat
Hello Friends,
I am running Sendmail 8.14 on rhel6. I have one simple question regarding domain masquerading, i would want to masquerade different domains with different addresses. By that what i mean is that lets say i have 3 domains as home.com, example.com, test.com and i would want to... (0 Replies)
Discussion started by: Rohit Bhanot
0 Replies
9. UNIX for Dummies Questions & Answers
Hi,
I have ip addresses from 192.168.0.1 to 192.168.0.10.
I have to ping those series of IP address in single command? Which command i can use? (2 Replies)
Discussion started by: thomasraj87
2 Replies
LEARN ABOUT MOJAVE
ipfirewall
IPFW(4) BSD Kernel Interfaces Manual IPFW(4)
NAME
ipfw -- IP packet filter and traffic accounting
SYNOPSIS
To compile ipfw into the kernel, place the following option in the kernel configuration file:
options IPFIREWALL
Other kernel options related to ipfw which may also be useful are:
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_FORWARD
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
To load ipfw as a module at boot time, add the following line into the loader.conf(5) file:
ipfw_load="YES"
DESCRIPTION
The ipfw system facility allows filtering, redirecting, and other operations on IP packets travelling through network interfaces.
The default behavior of ipfw is to block all incoming and outgoing traffic. This behavior can be modified, to allow all traffic through the
ipfw firewall by default, by enabling the IPFIREWALL_DEFAULT_TO_ACCEPT kernel option. This option may be useful when configuring ipfw for
the first time. If the default ipfw behavior is to allow everything, it is easier to cope with firewall-tuning mistakes which may acciden-
tally block all traffic.
To enable logging of packets passing through ipfw, enable the IPFIREWALL_VERBOSE kernel option. The IPFIREWALL_VERBOSE_LIMIT option will
prevent syslogd(8) from flooding system logs or causing local Denial of Service. This option may be set to the number of packets which will
be logged on a per-entry basis before the entry is rate-limited.
Policy routing and transparent forwarding features of ipfw can be enabled by IPFIREWALL_FORWARD kernel option.
The user interface for ipfw is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of the
ipfw capabilities and how to use it.
SEE ALSO
setsockopt(2), divert(4), ip(4), ipfw(8), sysctl(8), syslogd(8), pfil(9)
BSD September 1, 2006 BSD