Wednesday, May 23, 2012
Block Port 25 On SolusVM/Xen With IPtables
SolusVM (at the time of this writing) has no internal method for firewalling customers' containers.
I often find it necessary to restrict ports on customers (normally port 25), and after trial and error came up with some rules for IPtables to facilitate this at the hardware node level.
SolusVM uses the FORWARD chain inside of IPtables, so all you need to do is:

iptables -I FORWARD 1 -d $ip -p tcp -m tcp --dport 25 -j DROP
iptables -I FORWARD 1 -s $ip -p tcp -m tcp --dport 25 -j DROP

...where $ip is the IP you are restricting port traffic on. The above rules prevent all IN/OUT port 25 traffic to a particular host.
How do you remove these? I needed this as a temp fix but can't seem to figure out how to remove.
iptables -D FORWARD -d $ip -p tcp -m tcp --dport 25 -j DROP
iptables -D FORWARD -s $ip -p tcp -m tcp --dport 25 -j DROP
HTH =)
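
Added example (not from the original post or its comments): a shell helper that applies the post's two DROP rules and the removal commands from the comments idempotently, so repeated runs leave no duplicates and unblocking removes every copy. The function names and the IPT variable are assumptions made for this example.

```sh
#!/bin/sh
# Added example: idempotent SMTP (tcp/25) block/unblock for one guest IP.
# IPT is a hypothetical override so a wrapper or test stub can stand in
# for the real iptables binary.
IPT="${IPT:-iptables}"

# Accept only a dotted-quad IPv4 address so nothing else reaches iptables.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                       # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# smtp_rule block|unblock <ip>
#   block:   insert each rule at position 1 of FORWARD (as in the post),
#            but only if "iptables -C" reports it is not already present.
#   unblock: delete every copy of each rule, since each earlier
#            "iptables -I" run added another one.
smtp_rule() {
    action=$1 ip=$2
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    for dir in -d -s; do            # -d: traffic to the guest, -s: from it
        set -- "$dir" "$ip" -p tcp -m tcp --dport 25 -j DROP
        case "$action" in
            block)
                $IPT -C FORWARD "$@" 2>/dev/null ||
                    $IPT -I FORWARD 1 "$@" || return 1 ;;
            unblock)
                while $IPT -C FORWARD "$@" 2>/dev/null; do
                    $IPT -D FORWARD "$@" || return 1
                done ;;
            *)
                echo "usage: smtp_rule block|unblock <ip>" >&2; return 2 ;;
        esac
    done
}
# Usage, as root on the hardware node:  smtp_rule block 192.0.2.10
```

Rules added this way exist only in the running kernel; save them with your distribution's usual mechanism if they must survive a reboot.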