[nflug] IPTABLES TCP unclean
Darin Perusich
Darin.Perusich at cognigencorp.com
Thu Feb 16 12:56:50 EST 2006
how can they not connect to your smtp server, is it their smpt server
that can't connect? have they tried 'telnet 12.45.31.35 smtp' when you
have the unclean enabled?
Justin Bennett wrote:
> I'm running a iptables firewall, I've got a rule that blocks TCP Unclean
> packets.
>
> iptables -A INPUT -m unclean -j DROP
> iptables -A FORWARD -m unclean -j DROP
>
> There is a customer who can't connect to our mail server, I've ruled
> everything else out. When I comment out these two rules, he can connect.
> There's something funky I beleive with the way he is forming packets.
> Does anyone know what this blocks? would it be a security issue if I
> allow tcp unclean from his ip address?
>
> Justin
>
--
Darin Perusich
Unix Systems Administrator
Cognigen Corp.
darinper at cognigencorp.com
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list