You most likely want to allow outbound DNS and the subsequent reply.
Keep in mind that blocking outbound usually requires a few more
allowances than just the basic service you plan the box to provide.
NTP also springs to mind, so that you can keep the clock in sync.
You can also allow ping requests and limit the rate and packet size,
which gives you the niceties of being able to determine some level of
connectivity, whilst reducing scope for abuse.
Dean
Rick Phillips wrote:
I am not very good at IPTables and was seeking opinions as to whether
this formula would work to fully block a connection from computer A to B
but allow ssh and web only from B to A. The tables would reside on A.
iptables -A INPUT -m multiport -p tcp --dport www,ssh -i ethX -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o ethX -j DROP
The network is off site and quite a distance away with no external admin
so I would like to have it "right" before I visit.
Thanks in advance.
Rick
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
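Added example, not code from either post above: the allowances Dean lists (outbound DNS and NTP, their replies via connection tracking, inbound ping with a rate and size cap) put together with Rick's goal (only ssh and web from B to A, nothing else out of A) as one script for host A. The interface name eth0, the address 192.0.2.10 for host B, the limit of 5 pings/second with a burst of 10, the 128-byte ICMP size cap, and the restriction of ssh/web to B's address are all assumptions chosen for the illustration; adjust them for the real network.

```shell
#!/bin/sh
# Host "A" firewall, assembled from the thread's recommendations.
# Hypothetical values: eth0 is the interface facing B, B is 192.0.2.10.
# Set IPT="echo iptables" (or run with "preview") to see the rules
# without applying them.
IPT="${IPT:-iptables}"
WAN_IF="${WAN_IF:-eth0}"
B_HOST="${B_HOST:-192.0.2.10}"

build_rules() {
    $IPT -F
    $IPT -X
    # Keep the policies open until every allowance is in place, so the
    # remote ssh session running this script is never cut off half-way.
    $IPT -P INPUT ACCEPT
    $IPT -P OUTPUT ACCEPT

    $IPT -A INPUT  -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Replies to anything already allowed: this is what lets the DNS and
    # NTP answers (UDP included) and the ping replies back in and out.
    $IPT -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT  -m conntrack --ctstate INVALID -j DROP

    # What B may open towards A: ssh and web only (source restricted to B,
    # an assumption; drop "-s" if any host should reach those services).
    $IPT -A INPUT -i "$WAN_IF" -s "$B_HOST" -p tcp -m multiport --dports 22,80 \
        -m conntrack --ctstate NEW -j ACCEPT

    # Outbound allowances A still needs once OUTPUT is closed: DNS (UDP and
    # TCP for large answers) and NTP for the clock.
    $IPT -A OUTPUT -o "$WAN_IF" -p udp --dport 53  -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A OUTPUT -o "$WAN_IF" -p tcp --dport 53  -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A OUTPUT -o "$WAN_IF" -p udp --dport 123 -m conntrack --ctstate NEW -j ACCEPT

    # Inbound ping, rate and size limited. "length" is the total IP packet
    # length; a default Linux ping is 84 bytes, so 128 leaves some room while
    # refusing oversized payloads. Anything over the rate is dropped.
    $IPT -A INPUT -i "$WAN_IF" -p icmp --icmp-type echo-request \
        -m length --length 0:128 -m limit --limit 5/second --limit-burst 10 -j ACCEPT
    $IPT -A INPUT -i "$WAN_IF" -p icmp --icmp-type echo-request -j DROP

    # Allowances are in; now close everything else.
    $IPT -P INPUT   DROP
    $IPT -P OUTPUT  DROP
    $IPT -P FORWARD DROP
}

# Safety net for a box with no one on site: unless this is killed within
# two minutes, the firewall is opened again, so a mistake cannot lock you out.
arm_failsafe() {
    ( sleep 120 && $IPT -P INPUT ACCEPT && $IPT -P OUTPUT ACCEPT && $IPT -F ) &
    echo "failsafe armed as pid $!; kill it once a fresh ssh login from B works"
}

case "${1:-}" in
    apply)   arm_failsafe; build_rules ;;
    preview) IPT="echo iptables"; build_rules ;;
esac
```

Run "sh firewall.sh preview" first to read the rule list, then "sh firewall.sh apply" as root; open a second ssh session from B, and only when that succeeds kill the failsafe pid it printed. Note that the DNS and NTP rules let A open those ports towards any host on eth0, B included; if A must not talk to B at all, point A at resolvers and time servers elsewhere or add "! -d $B_HOST" to those three rules.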