Hi Kenn,

A simple setup will be something like this:

    iptables -i lo -j ACCEPT
    iptables -p tcp --dport 80 -j ACCEPT
    iptables -j DROP

If you are using a transparent proxy, à la Squid, you may have to add some
more rules.

/Kim

On Thursday 17 April 2003 15:49, kenn murrah wrote:
> Sorry for the elementary nature of this question ... I've just installed
> linux and have a transparent proxy working using iptables ... but my goal
> is to block ALL non-http traffic in both directions ... that is, i want to
> allow web access but no instant messaging, no ftp, etc.
>
> is there a simple line or two that i can add to iptables? please feel free
> to tell me to RTFM, but the tutorial i just downloaded is 151 pages, and i
> admit that i'm looking for a fast solution this morning ... (i'll study the
> manual on the way home tonight on the train -- i promise!)
>
> can anyone help me out? all advice MOST appreciated.
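
Added example, not part of the original thread: the three lines in the reply name no chain and track no connection state, so this sketch writes the same idea out as a complete iptables-restore ruleset for a gateway running a transparent Squid. The function name, the interface names, port 3128 (Squid's default) and the forwarded-DNS and masquerading rules are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it changes nothing itself.
# Assumed arguments: LAN interface, WAN interface, local Squid port.

gen_ruleset() {
    lan_if=$1 wan_if=$2 proxy_port=${3:-3128}
    # Refuse anything that is not a plain interface name or a port number.
    for v in "$lan_if" "$wan_if"; do
        case $v in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface: '$v'" >&2; return 2 ;;
        esac
    done
    case $proxy_port in
        ''|*[!0-9]*) echo "bad port: '$proxy_port'" >&2; return 2 ;;
    esac
    [ "$proxy_port" -ge 1 ] && [ "$proxy_port" -le 65535 ] || {
        echo "port out of range: $proxy_port" >&2; return 2; }

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Transparent proxy: LAN web requests are handed to the local Squid.
-A PREROUTING -i $lan_if -p tcp --dport 80 -j REDIRECT --to-ports $proxy_port
# Assumption: the LAN uses private addresses, so forwarded DNS is masqueraded.
-A POSTROUTING -o $wan_if -j MASQUERADE
COMMIT
*filter
# Default deny for inbound and forwarded traffic; OUTPUT stays open so
# Squid on the gateway can fetch pages and resolve names.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan_if -p tcp --dport $proxy_port -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Assumption: clients resolve names upstream; nothing else is forwarded.
-A FORWARD -i $lan_if -o $wan_if -p udp --dport 53 -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -p tcp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: sh ruleset.sh eth1 eth0 3128 | iptables-restore --test
if [ "$#" -ge 2 ]; then gen_ruleset "$@"; fi
```

Load the reviewed output with `iptables-restore` from the console rather than over the network, because the INPUT policy also drops remote administration such as SSH unless a rule for it is added.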