- 02-28-2008 #1
IPTables spam limiting question
# Both rules are inserted at the top of FORWARD with -I, so the second command lands above the first;
# the chain is therefore checked in the order update/DROP first, then --set.
iptables -I FORWARD -p tcp --dport 25 -m state --state NEW -m recent --set
iptables -I FORWARD -p tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 30 -j DROP
(I'm totally clueless about this, so apologies if I'm messing it up)
From what I understand, the first string adds any host that connects on port 25 to a table, and the second string restricts any hosts in the table that send 30 messages in 60 seconds.
The problem with this is that if a host spews a ton of spam (we're talking infected client laptops) upon initial connection, it won't be blocked, only if it initiates a second connection.
Is there a string I can use that would add ALL hosts to the match table, so that the DROP rule would be applied to every connection on port 25?
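As an added illustration (not part of the original post, and not the kernel's own xt_recent code), the following Python model mimics what `-m recent --set` and `-m recent --update --seconds 60 --hitcount 30` do for the two rules above, then runs the chain over a constructed burst of port-25 connection attempts. Because both rules were added with `-I`, the second command sits above the first, so the live chain is checked update-then-set; the model evaluates that order and, for comparison, the order you would get with `-A`. The addresses, timings and the "infected laptop" / "mail client" labels are constructed for the example.

```python
"""Model of the two `-m recent` rules from the post above.

Added example: this reproduces the documented behaviour of xt_recent's
--set and --update/--seconds/--hitcount closely enough to show which NEW
port-25 connection from a source is the first one dropped.  It is not the
kernel implementation.  Assumption: every "attempt" below is one TCP SYN,
i.e. one `--state NEW` packet.
"""
from collections import defaultdict

SECONDS = 60      # --seconds 60
HITCOUNT = 30     # --hitcount 30


class RecentTable:
    """Per-source list of hit timestamps, like /proc/net/xt_recent/DEFAULT."""

    def __init__(self):
        self.stamps = defaultdict(list)

    def set(self, src, now):
        # `--set`: record a hit for this source; the rule always matches.
        self.stamps[src].append(now)
        return True

    def update(self, src, now, seconds=SECONDS, hitcount=HITCOUNT):
        # `--update --seconds S --hitcount N`: match only if the source is
        # already in the table with at least N hits inside the last S seconds.
        # On a match the current packet is recorded as a fresh hit as well,
        # which is what keeps a host blocked while it keeps retrying.
        if src not in self.stamps:
            return False
        in_window = [t for t in self.stamps[src] if now - t < seconds]
        if len(in_window) >= hitcount:
            self.stamps[src].append(now)
            return True
        return False


def forward_chain_inserted(table, src, now):
    """Chain as built with two `-I` commands: the update/DROP rule is first."""
    if table.update(src, now):
        return "DROP"
    table.set(src, now)
    return "ACCEPT"   # no match: packet continues to later rules / policy


def forward_chain_appended(table, src, now):
    """The same two rules added with `-A`: --set first, then update/DROP."""
    table.set(src, now)
    if table.update(src, now):
        return "DROP"
    return "ACCEPT"


def run(chain, attempts):
    """Apply `chain` to each (timestamp, src) attempt; return the verdicts."""
    table = RecentTable()
    return [chain(table, src, t) for t, src in attempts]


def first_dropped(chain, attempts, src):
    """1-based index, counted per source, of the first dropped attempt (or None)."""
    table = RecentTable()
    n = 0
    for t, s in attempts:
        verdict = chain(table, s, t)
        if s != src:
            continue
        n += 1
        if verdict == "DROP":
            return n
    return None


# Constructed traffic, not a capture: an infected laptop (10.0.0.5) opens 40
# new SMTP connections in 20 s; a mail client (10.0.0.9) opens one session at
# t=1.0 and sends many messages over it, which the firewall sees as a single
# NEW connection.
TRAFFIC = sorted([(k * 0.5, "10.0.0.5") for k in range(40)] + [(1.0, "10.0.0.9")])

# Same number of connections, but one every 3 s: never 30 inside any 60 s window.
SLOW = [(k * 3.0, "10.0.0.5") for k in range(40)]

if __name__ == "__main__":
    for name, chain in (("-I order", forward_chain_inserted),
                        ("-A order", forward_chain_appended)):
        print(name, "burst: first drop at attempt",
              first_dropped(chain, TRAFFIC, "10.0.0.5"),
              "| total dropped:", run(chain, TRAFFIC).count("DROP"),
              "| slow host dropped at:", first_dropped(chain, SLOW, "10.0.0.5"))
```

Two things the model makes visible. First, a source is dropped only once it has opened the threshold number of NEW port-25 connections inside the window: the 31st attempt with the `-I` ordering (the update rule counts the hits already recorded), the 30th with `-A` (the `--set` rule records the current packet before the check), and a host that spaces its connections out is never dropped at all, because `--hitcount` is a rate, not a total. Second, the client that holds one SMTP session open and sends many messages through it is exactly one NEW connection as far as these rules are concerned, so `-m recent` on its own cannot count messages. One practical caveat the model does not reproduce: the real module keeps a bounded number of timestamps per source, and on kernels where that bound is the `ip_pkt_list_tot` module parameter (default 20), `--hitcount 30` is rejected unless xt_recent is loaded with a larger value.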