On Thu, 26 Apr 2012 10:56:47 +0800 Bill Sun <cap.sensitive@xxxxxxxxx> wrote: > On Wed, Apr 25, 2012 at 12:35:46PM -0500, Leonid Isaev wrote: > > Assuming you are running a desktop machine, why would you want to DROP by > > default all outgoing traffic? AFAICT google voice app makes you browser > > establish some UDP connecyions + https. So here are few observations > > regarding your ruleset: > > 1. Default policy for OUTPUT should be ACCEPT and all following OUTPUT > > rules should be removed. Also, default DROP policy for INPUT is just > > impolite -- use REJECT instead. > > 2. Unless you have a good understanding of ICMP (which is way more than > > ping), all icmp should be allowed (please don't tell me about pings of > > death or DoS because of ping floods). > Good points. I've made changes regarding to your instruction. > So... does your GV work now? -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Attachment:
signature.asc
Description: PGP signature
