> I would like to know the rule to block ports outbound. > > I am trying to block port 3128 my squid/proxy port. Soo, ehm, you want to prevent outbound packets from squid ? If you don't want that squid is sending packets, then why start squid at all. Well, if that's what you really want to : iptables -A OUTPUT -p tcp --sport 3128 -j REJECT --reject-with tcp-reset or simply iptables -A OUTPUT -p tcp --sport 3128 -j DROP Or don't you want users from the outside (internet) to connect ? # Drops everything by default iptables -P INPUT DROP # Accepts anything coming in on your LAN interface, # but you may want something more secure. iptables -A INPUT -i <if_lan> -j ACCEPT Rob
