Here's what I've used in the past. It allows connections for certain ports/places and then drops everything else as the last item.
http://linux.duke.edu/~skvidal/misc/iptables-template it's pretty painless, really. If we want to add explicit outbound rules, too, that's fine, but I'd advise enabling logging b/c that stuff is easy to get wrong. :) This is just a sample but it's simple and straightforward. -sv
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Fedora-infrastructure-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
