At 12:30 PM 6/16/2020, John Pierce wrote:
On Tue, Jun 16, 2020 at 12:26 PM david david@daku.org wrote:
Examples of what I've tried, and then tested. None of them stopped an outgoing SSH from an internal system.
iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
which interface is that bound to? I don't see a -i eth0 or whatever, but you want that rule on your LAN interface.
note these rules will also prevent any host on 10.0.0.0/24 from ssh'ing to the gateway machine itself.
At your suggestion, the command became
iptables -I INPUT -p tcp --dport 22 -i enp3s0 -s 10.0.0.0/24 -j DROP
where enp3s0 is the internal NIC with address 10.0.0.1. I'm assuming that your advice about LAN represents the internal network because on most routers, it is, and WAN is the internet connection.
And ssh worked :-( unfortunately
I know that many ISPs block outgoing port 25, so I know this is do-able.
David
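Editor's note on why the rules above did not take effect, with an added example that is not from either participant in the thread: on a Linux gateway the INPUT chain only sees packets addressed to the gateway itself (which is why John's rule also locks LAN hosts out of the gateway's own sshd), while traffic that the gateway routes from the LAN to the Internet traverses the FORWARD chain. An egress filter of the kind ISPs use for port 25 therefore belongs in FORWARD. The script below prints the rules so they can be reviewed, and applies them only when invoked with `--apply` as root. The interface name enp3s0 and the 10.0.0.0/24 network come from the thread; the log prefix and the `LAN_IF`/`LAN_NET` variable names are the editor's choices.

```shell
#!/bin/sh
# Added example (not from the thread): block new outbound SSH from the LAN through a Linux gateway.
# Assumptions: the LAN is reached via enp3s0 and is 10.0.0.0/24 (both from the thread).
# The rules go in FORWARD, not INPUT, because routed LAN-to-Internet traffic never hits INPUT.
set -eu

LAN_IF="${LAN_IF:-enp3s0}"
LAN_NET="${LAN_NET:-10.0.0.0/24}"

# Emit the rules as text rather than running them, so they can be inspected and unit-tested.
# Explicit positions (1 then 2) keep the LOG rule above the REJECT rule; a plain -I for both
# would insert the second rule above the first and the LOG rule would never match.
# REJECT with a TCP reset fails the client fast instead of leaving it hanging on a DROP timeout.
# '--ctstate NEW' limits the match to connection attempts; established return traffic is unaffected.
egress_ssh_rules() {
    printf '%s\n' \
      "iptables -I FORWARD 1 -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -m conntrack --ctstate NEW -j LOG --log-prefix 'ssh-egress-blocked: '" \
      "iptables -I FORWARD 2 -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -m conntrack --ctstate NEW -j REJECT --reject-with tcp-reset"
}

# Helper for checks: report which chain the generated rules target (expected: FORWARD).
egress_rules_chain() {
    egress_ssh_rules | awk '{print $3}' | sort -u
}

# Commands a gateway admin would run afterwards to confirm the rules exist and are being hit:
#   iptables -L FORWARD -v -n --line-numbers
#   dmesg | grep ssh-egress-blocked
verify_commands() {
    printf '%s\n' \
      "iptables -L FORWARD -v -n --line-numbers" \
      "dmesg | grep ssh-egress-blocked"
}

case "${1:-}" in
    --apply) egress_ssh_rules | sh ;;   # requires root; applies the rules to the live ruleset
    *)       egress_ssh_rules ;;        # default: just print them for review
esac
```

Note that these rules only stop new connections; an SSH session that was already established before the rules were loaded keeps its conntrack entry and continues until it closes. To also cut existing sessions, add a matching rule without the `--ctstate NEW` qualifier, or flush the conntrack entries for port 22 after loading the rules.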