On Friday 14 February 2003 23:49, Benedict Verheyen wrote: > ########################################################################### > ### allow outside from firewall machine: ping, dns, proxy of isp (8080), > ### dhcp, news, smtp,www, imap, pop3, ftp (+ftpdata), ssh, ddt > > ### all tcp ports ### > $IPT -A inet_out -p tcp --dport 21 -j ACCEPT # ftp > $IPT -A inet_out -p tcp --dport 22 -j ACCEPT # ssh > $IPT -A inet_out -p tcp --dport 25 -j ACCEPT # smtp > $IPT -A inet_out -p tcp --dport 53 -j ACCEPT # dns > $IPT -A inet_out -p tcp --dport 80 -j ACCEPT # www > $IPT -A inet_out -p tcp --dport 110 -j ACCEPT # pop3 > $IPT -A inet_out -p tcp --dport 143 -j ACCEPT # imap > $IPT -A inet_out -p tcp --dport 1052 -j ACCEPT # ddt project ports > $IPT -A inet_out -p tcp --dport 8080 -j ACCEPT # proxy isp
Is it right (intended) that you don't allow https-type connections here? If not, add $IPT -A inet_out -p tcp --dport 443 -j ACCEPT # https You might also want to allow pop3, imap and smtp through SSL connections as well. The corresponding ports are 995, 993 and 465 respectively. Regards, Sven M�ller - IT - Network&Infrastructure - -- * Heinrich Berndes Haushaltstechnik GmbH & Co KG * Wiebelsheidestrasse 55, 59757 Arnsberg, Germany * Phone: +49 2932 475-282 / FAX: -325 * http://www.berndes.com
