Hi Bob Thanks for the reply.
Am I right in thinking I put the accept line in above the DROP line and it will then accept the email but if it's not email it will then drop everything as before? like this: ACCEPT net:x.x.x.x-y.y.y.y all tcp 993,995 DROP net:x.x.x.x-y.y.y.y all As for using the blrules file - I first set it up a long time ago and this just seemed the easiest way for me to manage it on a daily basis as I do this manually. I do find the shorewall docs a bit confusing. (Too much info not targeted at specific solutions I think is my problem) I don't have a complex setup - just the one remote server I manage with a few domains but no local networks etc. Is there a better way to simply add or delete IPs/ranges? thanks again jack ---------------------- > On Wed, 2020-07-22 at 10:12 -0700, Tom Eastep wrote: > > > The correct rule would be: > > ACCEPT net:x.x.x.x-y.y.y.y all tcp 993,995 > > The 'all' in the DEST column should probably be replaced by the zone > where your imap and pop servers live. > > > > > above the drop line but this doesnt seem to be the way to do this. > > I'm not sure if I need to modify any of the other files. > > > > As this is a live site I'm reluctant to keep experimenting without > some > > more knowledgable input. > > Any advice or pointers would be welcome. > > > > Any particular reason why you are using blrules for this filtering > rather than the rules file? > > -Tom > -- > Tom Eastep \ Q: What do you get when you cross a mobster > Shoreline, \ with an international standard? > Washington, USA \ A: Someone who makes you an offer you > http://shorewall.org \ can't understand > \________________________________________ > > _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
