Re: Problem w/ iptables on FC3

On Monday 04 July 2005 09:25, John Sasso wrote:
> avail. Is this a bug?

Not likely.

> iptables --policy OUTPUT   DROP

Don't do this. How do you think it will help? Do you have untrusted 
local shell users? If so, you are doomed anyway. They will find an 
opening, get root, and get out as they wish. If it's just you on the 
machine, OUTPUT filtering is silly. Use self-control, not netfilter.

iptables -P OUTPUT ACCEPT

For the return packets, go stateful. An example is posted in the thread 
earlier today, Subject: help me. It's also given and explained in the 
Packet Filtering HOWTO.
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header

