iptables

Firewall testing

Make a cron job run every five minutes that resets the firewall so you can prevent yourself from getting locked out while testing any changes.

Here is a new cronjob entry:

*/5 * * * * /etc/init.d/iptables restart
Block an external IP address
iptables -A INPUT -s <IP-ADDRESS> -j DROP
Postfix

Port 25 only needs to be open if you are accepting incoming mail.

Accept LAN Traffic

Open all ports to a subnet

iptables -A INPUT -p tcp -s 192.168.12.0/24 -j ACCEPT