Re: how to only allow tcp on dport 443 on the OUTPUT chain?

To: debian-user@lists.debian.org
Subject: Re: how to only allow tcp on dport 443 on the OUTPUT chain?
From: Andrej Kacian <andrej+debian@kacian.sk>
Date: Wed, 9 Mar 2011 10:35:12 +0100
Message-id: <[🔎] 20110309103512.00004528@unknown>
In-reply-to: <[🔎] slrninehqp.q6s.virgo.parna@dragon.gaiasoft.ee>
References: <[🔎] 12e998a57f5.7674330168128723895.-3406972399569731174@zoho.com> <[🔎] slrninehqp.q6s.virgo.parna@dragon.gaiasoft.ee>

On Wed, 9 Mar 2011 09:24:41 +0000 (UTC)
Virgo Pärna <virgo.parna@mail.ee> wrote:

>     I may be mistaken, but such hard rules could cause serious
> problems. I think that even dns name resolution would not work
> anymore (you cannot send out dns queries). Essentialy you could only
> browse websites on port 80 using IP numbers instead of server name.

I suspect (and hope :) ) that the rules listed by the OP were only part
of a bigger rule set, and the drop policy rule was only included to give
more context. If this is not the case, I agree with Virgo.

Kind regards,
-- 
Andrej

Reply to:

References:
- how to only allow tcp on dport 443 on the OUTPUT chain?
  - From: erikmccaskey64 <erikmccaskey64@zoho.com>
- Re: how to only allow tcp on dport 443 on the OUTPUT chain?
  - From: Virgo Pärna <virgo.parna@mail.ee>

Prev by Date: what is the “Online Certificate Status Protocol”
Next by Date: Re: how to only allow tcp on dport 443 on the OUTPUT chain?
Previous by thread: Re: how to only allow tcp on dport 443 on the OUTPUT chain?
Next by thread: Re: how to only allow tcp on dport 443 on the OUTPUT chain?
Index(es):
- Date
- Thread