[KLUG Members] More on the IPChains problem

Adam Williams members@kalamazoolinux.org
Fri, 7 Jun 2002 14:56:34 -0400 (EDT)

Previous message: [KLUG Members] More on the IPChains problem
Next message: [KLUG Members] More on the IPChains problem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>I played some with lokkit. It does NOT appear to generate
>any rules concerning OUTPUT; only rules for the INPUT chain

FYI: I've never used (or seen) lokkit

There really isn't much reason to much on the OUTPUT chain.  The input 
chain is the most effective place to "block" traffic.

>seem to be addressed. Moreover, it would seem that the in-
>put chain I posted in the first message is at least as
>restrictive (and perhaps more so) than the "HIGH" level
>option offered on the lokkit panel.
>If someone wants to take the time to read the ruleset and 
>provide some insight I would be most grateful.

I'll take a look.

My method (when I get confused) is to -

1. Allow everything
2. Start blocking things until what I want to work STOPS working.  Then I 
know what to allow. :)  This works with some really odd apps that don't 
clearly state what they need.

or

Use a packet reader to see what is going on.

Previous message: [KLUG Members] More on the IPChains problem
Next message: [KLUG Members] More on the IPChains problem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]