Security and privacy

Picture of Hubert Chathi
Re: iptables firewall stops email messages to SMTP host

I would avoid filtering the INPUT based solely on source port.  In theory, an attacker could send a packet from, say, the LDAP port to any other port on your system, effectively bypassing your firewall.

By the way, instead of writing the iptables rules manually, you may want to use a frontend such as shorewall.

Average of ratings: -