RE: Help on IPTABLES

> Can somebody explain to me why, when I changed my Chain
> INPUT rules from ACCEPT to DROP, I cannot browse the internet
> despite opening port 80 in the INPUT rule?
...
> Chain INPUT (policy DROP)
> target     prot opt source               destination
> RH-Lokkit-0-50-INPUT  all  --  anywhere             anywhere
> ACCEPT     tcp  --  anywhere             anywhere           tcp spt:http
> ACCEPT     udp  --  anywhere             anywhere           udp spt:http

Because you used sport. You are trying to reach servers that are
*listening* on port 80/443 so you should use dport (destination = port
80/443). You are most likely not sending from port 80/443.


Gr,
Rob


