Re: How to tell if a Linux machine is a zombie?

Douglas Tutty wrote:

> On Wed, Jan 10, 2007 at 11:23:29AM -0800, Paul Johnson wrote:
>> I think shorewall assumes that you don't really want to block /all/
>> outbound traffic and does the right thing, then.
> Before you assume this, you should check the netfilter docs.  If by
> default I block all outgoing and incoming connections then there's no
> way to establish an 'existing' connection in the first place.  If I
> allow outgoing http requests then the data is allowed back in without me
> opening the http port to allow incoming requests.  That's the heart of
> netfilter.

Aah, OK.  I must be thinking ipchains or ipfw from back in the day or
something.  Netfilter isn't such a pain by comparison to those two.
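
The behaviour described in the quoted text above, as an added Python model that is not part of the original thread and is not netfilter's own code: default-drop filtering plus connection tracking, simplified to exact flow matching. The class name, addresses and port numbers are constructed for illustration.

```python
from collections import namedtuple

# Constructed packet record: direction is "out" (leaving this host) or "in".
Packet = namedtuple("Packet", "direction src sport dst dport")

class StatefulFilter:
    """Simplified model: default DROP both ways, plus connection tracking."""

    def __init__(self, allowed_out_ports):
        self.allowed_out_ports = set(allowed_out_ports)
        self.tracked = set()  # flows this host opened: (local, lport, remote, rport)

    def _flow(self, p):
        # Normalise both directions of one connection to the same key.
        if p.direction == "out":
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def verdict(self, p):
        flow = self._flow(p)
        if flow in self.tracked:
            return "ACCEPT"  # belongs to a connection already being tracked
        if p.direction == "out" and p.dport in self.allowed_out_ports:
            self.tracked.add(flow)  # new outbound connection that a rule allows
            return "ACCEPT"
        return "DROP"  # default policy for everything else

def demo():
    fw = StatefulFilter(allowed_out_ports=[80])
    # Constructed sample addresses from the documentation ranges.
    me, web, other = "192.0.2.10", "198.51.100.5", "203.0.113.9"
    packets = [
        Packet("in", web, 80, me, 40000),    # "reply" before any request was sent
        Packet("out", me, 40000, web, 80),   # outgoing http request
        Packet("in", web, 80, me, 40000),    # the reply to that request
        Packet("in", other, 80, me, 40000),  # different host, same ports
        Packet("in", other, 51000, me, 80),  # unsolicited inbound http
        Packet("out", me, 40001, web, 25),   # outbound port with no allow rule
    ]
    return [fw.verdict(p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

Only the outgoing request and the reply on that same flow are accepted; the same inbound packet is dropped when no tracked connection exists for it.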

