[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how to only allow tcp on dport 443 on the OUTPUT chain?

On Wed, 9 Mar 2011 09:24:41 +0000 (UTC)
Virgo Pärna <virgo.parna@mail.ee> wrote:

>     I may be mistaken, but such hard rules could cause serious
> problems. I think that even dns name resolution would not work
> anymore (you cannot send out dns queries). Essentialy you could only
> browse websites on port 80 using IP numbers instead of server name.

I suspect (and hope :) ) that the rules listed by the OP were only part
of a bigger rule set, and the drop policy rule was only included to give
more context. If this is not the case, I agree with Virgo.

Kind regards,

Reply to: