On Thursday 01 April 2004 11:29 pm, Jorge Garcia wrote:
> iptables its on my computer but not only me uses it.
> so, i want a set of rules for allowing my computer only to access to web
> pages how can i do this??
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Obviously you may need to add extra rules to the OUTPUT chain if you want to
allow access to ports other than 80 - 8000 and 8080 are not too uncommon, for
example.
Regards,
Antony.
--
"The joy of X!!?? I've always hated compiling graphical shite. You have a 10
line program, and it ends up depending on the entire known universe."
- Philip Hands
Please reply to the list;
please don't CC me.
