Blocking a specified IP - why smtp goes through?
-
Hey!
I added a simple firewall rule: block on WAN everything from that source IP.
Tried it with my mobile phone, so I added the IP of my mobile phone to the rule and voila, I couldn't reach my web servers behind the firewall.
But funny fact, I CAN reach the mailserver via IMAP/SMTP.
I moved the rule to the top but nothing changed. Public IP from webserver and public IP from the Mailserver are different, both are set up as IF Alias.
Any ideas?
Thanks in advance
-
Post your rules. You're screwing something up somewhere.
-
Here
-
Probably existing states after firewall changes. Clear states if you want immediate satisfaction.
-
Thanks for your reply.
Well, IMAP was blocked but SMTP still passed.
So I investigated the logs and found out that my GSM provider routes the SMTP traffic somehow over a different IP, which is of course not blocked. So everything is fine. Thanks! 8)
-
What are you trying to do with that block rule on your WAN? You do understand that ALL inbound traffic is blocked on your WAN, unless you have a port forward or firewall rule that allows it. So what exactly did you think a rule that says "hey, block these source IPs" is going to do other than the default rule that says "hey, block EVERYTHING anyway"??
Do you have rules that would allow traffic to 25 that you're not showing?
-
Sure, I have a lot of rules.
I just saw in log files that someone tries to probe a few servers. So I blocked his IP.
All other services are working like a charm.
-
There is no difference between a specific rule blocking and a general rule blocking except, perhaps, quieting the log.
I, personally, let my firewall do its job and don't play whack-a-mole.