 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  "m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Block port 25
 Date:  Mon, 28 Nov 2005 13:16:25 -0600
From: "Jason King" <jking at informs dot com>

> I have a WAN, LAN, and DMZ on my m0n0wall. I want to block all SMTP
> traffic from the LAN going to the internet, and disable all SMTP traffic
> from the DMZ going to the internet except for one host on the DMZ (the
> mail server).

> Basically, I don't want any machine sending SMTP packets out to the
> internet except for one. What rules do I need to add?

The rules go top down to a matching rule.  So, on the LAN, you want an any 
with a destination port 25 deny.  On the DMZ you want a (not IP of the one 
host) destination port 25 deny.

                        Lee
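
Added example, not part of the original message and not m0n0wall code: a small first-match evaluator that models the two deny rules described above and shows why their position in the list matters. The addresses, the `Rule` and `evaluate` names, and the trailing pass-any rule on each interface are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAIL_HOST = "192.168.2.25"  # constructed address for the DMZ mail server

@dataclass
class Rule:
    iface: str                   # interface the packet arrives on
    action: str                  # "pass" or "block"
    src: str = "any"             # "any", or a host/network in CIDR form
    src_not: bool = False        # invert the source match ("not IP of the one host")
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, iface, src_ip, dport):
        if iface != self.iface:
            return False
        if self.dport is not None and dport != self.dport:
            return False
        if self.src == "any":
            return True
        hit = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return hit != self.src_not

# Rule order as described in the reply: the port 25 deny sits above the
# general pass rule (assumed here) on each interface.
RULES = [
    Rule("lan", "block", dport=25),
    Rule("lan", "pass"),
    Rule("dmz", "block", src=MAIL_HOST, src_not=True, dport=25),
    Rule("dmz", "pass"),
]

def evaluate(rules, iface, src_ip, dport):
    """Return the action of the first matching rule, top down."""
    for rule in rules:
        if rule.matches(iface, src_ip, dport):
            return rule.action
    return "block"  # nothing matched: treated as deny in this model

if __name__ == "__main__":
    # Constructed sample traffic: (interface, source IP, destination port)
    samples = [("lan", "192.168.1.10", 25), ("lan", "192.168.1.10", 80),
               ("dmz", MAIL_HOST, 25), ("dmz", "192.168.2.30", 25)]
    for pkt in samples:
        print(pkt, "->", evaluate(RULES, *pkt))
    # With the pass rule above the deny, LAN SMTP is let through.
    print("reversed order:", evaluate(list(reversed(RULES)), "lan", "192.168.1.10", 25))
```
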