Skip to main content

IPTABLES

Under linux OS, we use iptables to secure the machine from any other external attack. In current scenario I am forwarding the packages from local interface to external interface and i have squid configured which will be acting as transparent proxy. Only selective port numbers are open for the network.

1. Save the script to a file.
2. Give permission to execute. chmod +x filename.
3. Execute the file as follows ./filename
4. save the output of the script to system iptables file, by running the command service iptables save
5. You are done, start/restart the iptables service. service iptables restart

Script:
#!/bin/sh

# chmod +x file name to execute
# eth0 LAN
# eth1 WAN
# Local IP range 192.168.0.0/25
# NATing
# Transparent proxy

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 0.0.0.0/8 -j LOG --log-prefix "Spoofed IP 0.0.0.0/8"
iptables -A INPUT -s 0.0.0.0/8 -j DROP
iptables -A INPUT -s 127.0.0.0/8 -j LOG --log-prefix "Spoofed IP 127.0.0.0/8"
iptables -A INPUT -s 127.0.0.0/8 -j DROP
iptables -A INPUT -s 128.0.0.0/16 -j LOG --log-prefix "Spoofed IP 128.0.0.0/16"
iptables -A INPUT -s 128.0.0.0/16 -j DROP
iptables -A INPUT -s 10.0.0.0/8 -j LOG --log-prefix "Spoofed IP 10.0.0.0/8"
iptables -A INPUT -s 10.0.0.0/8 -j DROP
iptables -A INPUT -s 169.254.0.0/16 -j LOG --log-prefix "Spoofed IP 169.254.0.0/16"
iptables -A INPUT -s 169.254.0.0/16 -j DROP
iptables -A INPUT -s 191.255.0.0/16 -j LOG --log-prefix "Spoofed IP 191.255.0.0/16"
iptables -A INPUT -s 191.255.0.0/16 -j DROP
iptables -A INPUT -s 192.0.0.0/24 -j LOG --log-prefix "Spoofed IP 192.0.0.0/24"
iptables -A INPUT -s 192.0.0.0/24 -j DROP
iptables -A INPUT -s 192.0.2.0/24 -j LOG --log-prefix "Spoofed IP 192.0.2.0/24"
iptables -A INPUT -s 192.0.2.0/24 -j DROP
iptables -A INPUT -s 192.168.0.0/16 -j LOG --log-prefix "Spoofed IP 192.168.0.0/16"
iptables -A INPUT -s 192.168.0.0/16 -j DROP
iptables -A INPUT -s 223.255.255.0/24 -j LOG --log-prefix "Spoofed IP 223.255.255.0/24"
iptables -A INPUT -s 223.255.255.0/24 -j DROP
iptables -A INPUT -s 255.0.0.0/8 -j LOG --log-prefix "Spoofed IP 255.0.0.0/8"
iptables -A INPUT -s 255.0.0.0/8 -j DROP
iptables -A INPUT -s 224.0.0.0/4 -j LOG --log-prefix "Spoofed IP 224.0.0.0/4"
iptables -A INPUT -s 224.0.0.0/4 -j DROP
iptables -A INPUT -s 240.0.0.0/5 -j LOG --log-prefix "Spoofed IP 240.0.0.0/5"
iptables -A INPUT -s 240.0.0.0/5 -j DROP
iptables -A INPUT -s 248.0.0.0/5 -j LOG --log-prefix "Spoofed IP 248.0.0.0/5"
iptables -A INPUT -s 248.0.0.0/5 -j DROP
iptables -A INPUT -s 255.255.255.255/32 -j LOG --log-prefix "Spoofed IP 255.255.255.255/32"
iptables -A INPUT -s 255.255.255.255/32 -j DROP
iptables -A INPUT -s 208.13.201.2/32 -j LOG --log-prefix "Spoofed source Woofgang"
iptables -A INPUT -s 208.13.201.2/32 -j DROP
iptables -A INPUT -s 217.124.178.42 -j DROP
iptables -A INPUT -s 121.124.124.112 -j DROP
iptables -A INPUT -s 114.112.190.200 -j DROP
iptables -A INPUT -s 211.118.104.4 -j DROP
iptables -A INPUT -s 125.64.43.152 -j DROP
iptables -A INPUT -s 74.208.218.183 -j DROP
iptables -A INPUT -s 61.14.94.114 -j DROP
iptables -A INPUT -s 112.65.239.245 -j DROP
iptables -A INPUT -s 218.21.243.90 -j DROP
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 389 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 389 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 465 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 587 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 953 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 993 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 995 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 995 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 110 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 23 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 43 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 3306 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 123 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 1433 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 1433 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 137 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 138 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 139 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 161 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 161 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5900 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5900 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5901 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5901 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5902 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5902 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5903 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5903 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5904 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5904 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5905 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5905 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 7025 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 7025 -j ACCEPT
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 7071 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 7071 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5938 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3389 -j ACCEPT
iptables -A INPUT -p icmp -m icmp -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type time-exceeded -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type destination-unreachable -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -f -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 53 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 80 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 8080 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 443 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 389 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 389 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 465 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 587 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 953 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 993 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 995 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 995 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 110 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 143 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 20 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 23 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 43 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 3306 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 3306 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 123 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 1433 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 1433 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 137 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 138 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 139 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 161 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 161 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5900 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5900 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5901 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5901 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5902 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5902 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5903 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5903 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5904 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5904 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 5905 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5905 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 7025 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 7025 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p udp -m udp --dport 7071 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 7071 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 5938 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/25 -p tcp -m tcp --dport 3389 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 8080 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 389 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 389 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 25 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 465 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 587 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 953 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 993 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 995 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 995 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 110 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 143 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 20 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 21 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 23 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 43 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3306 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 3306 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 123 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 1433 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 1433 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 137 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 138 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 139 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 161 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 161 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5900 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5900 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5901 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5901 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5902 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5902 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5903 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5903 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5904 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5904 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 5905 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5905 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 7025 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 7025 -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 7071 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 7071 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 5938 -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3389 -j ACCEPT
iptables -A OUTPUT -m state --state INVALID -j DROP
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A POSTROUTING -o eth1 -s 192.168.0.0/25 -j MASQUERADE

exit 0
Labels:

Comments

  1. Priya KannanJune 8, 2017 at 12:45 PM

    This information really worth saying, i think you are master of the content and thank you so much sharing that valuable information and get new skills after refer that post.
    SQL Server Training in Chennai

    ReplyDelete

Post a Comment

Popular posts from this blog

Clear Zimbra Mail Queue

If you want to clear mail queue from specific email address run the following command in your terminal. Below will remove mail queues, by checking FROM sender. eg. remove all mail queues sent by info@example.com /opt/zimbra/postfix/sbin/mailq | tail -n +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" } { if ($7 == "info@example.comt") print $1 } ' | tr -d '*!' | xargs -rn1 /opt/zimbra/postfix/sbin/postsuper -d Below will remove mail queues, by checking TO sender. eg. remove all mail queues sent to info@example.com /opt/zimbra/postfix/sbin/mailq | tail -n +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" } { if ($8 == "info@example.comt") print $1 } ' | tr -d '*!' | xargs -rn1 /opt/zimbra/postfix/sbin/postsuper -d
Post a Comment
Read more

Zimbra Mail Error: not enough free space in mail queue

If you are using Zimbra Mail and you are not able to send any mails and also you see an Error Message " not enough free space in mail queue " under /var/log/message. Then you should try out this solution. 1. Login to the server, and then again login as zimbra as follows: #su - zimbra 2. Check the Postfix message_size_limit, by default it should be 10MB (i.e. '10240000' bytes) as follows: $postconf message_size_limit message_size_limit = 10240000 3. If the value is higher than that, set it as follows to 10MB $ zmprov modifyConfig zimbraMtaMaxMessageSize 10240000 $ postfix reload Now try sending Mail, It should work. You could try out this solution for Error: " SMTP Server Reported: 452 4.3.1 Insufficient System Storage "
Post a Comment
Read more