iptables: block outgoing on port, allow selected IPs

The iptables rules are evaluated in order, which means that if you block everything in the first rule, there is no point in allowing something later; those rules will never be reached.
I’m quite sure you don’t want to match the source address; you want the destination.
iptables -A OUTPUT -p tcp -d 127.0.1.1 --match multiport --dports 25,587,465 -j ACCEPT
iptables -A OUTPUT -p tcp -d **.**.**.*** --match multiport --dports 25,587,465 -j ACCEPT
iptables -A OUTPUT -p tcp -d **.**.**.*** --match multiport --dports 25,587,465 -j ACCEPT
iptables -A OUTPUT -p tcp --match multiport --dports 25,587,465 -j REJECT
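
The first-match behaviour described above can be checked offline before loading a ruleset. The following is an added example, not part of the original answer: a simplified model of the OUTPUT chain that only considers TCP destination address and port. The addresses 192.0.2.10 and 198.51.100.7 are constructed stand-ins for the masked ones, and the names `Rule`, `verdict` and `shadowed` are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

SMTP_PORTS = frozenset({25, 587, 465})

@dataclass(frozen=True)
class Rule:
    target: str                # "ACCEPT" or "REJECT"
    dports: frozenset          # ports given to --dports
    dst: str = "0.0.0.0/0"     # -d value; the default matches any destination

    def matches(self, dst_ip: str, dport: int) -> bool:
        net = ipaddress.ip_network(self.dst, strict=False)
        return dport in self.dports and ipaddress.ip_address(dst_ip) in net

    def covers(self, other: "Rule") -> bool:
        """True if every packet matching `other` also matches this rule."""
        mine = ipaddress.ip_network(self.dst, strict=False)
        theirs = ipaddress.ip_network(other.dst, strict=False)
        return other.dports <= self.dports and theirs.subnet_of(mine)

def verdict(chain, dst_ip, dport, policy="ACCEPT"):
    """First matching rule decides; the chain policy applies if none match."""
    for rule in chain:
        if rule.matches(dst_ip, dport):
            return rule.target
    return policy

def shadowed(chain):
    """Indexes of rules that are never reached because an earlier rule covers them."""
    return [i for i, rule in enumerate(chain)
            if any(earlier.covers(rule) for earlier in chain[:i])]

# Constructed sample data: stand-ins for the masked relay addresses.
ALLOW = [Rule("ACCEPT", SMTP_PORTS, "127.0.1.1"),
         Rule("ACCEPT", SMTP_PORTS, "192.0.2.10"),
         Rule("ACCEPT", SMTP_PORTS, "198.51.100.7")]
BLOCK = Rule("REJECT", SMTP_PORTS)

GOOD_CHAIN = ALLOW + [BLOCK]   # order used in the answer above
BAD_CHAIN = [BLOCK] + ALLOW    # block first: the ACCEPT rules are dead

if __name__ == "__main__":
    for name, chain in (("accept-then-reject", GOOD_CHAIN), ("reject-first", BAD_CHAIN)):
        print(name, verdict(chain, "192.0.2.10", 587),
              verdict(chain, "203.0.113.5", 25), "shadowed:", shadowed(chain))
```

On a live host, `iptables -S OUTPUT` prints the rules in evaluation order, which is the order to feed into a check like this.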
