really, try shorewall:I am using http to security.debian.org and mirror.ac.uk. When opening up port 80(http) it makes no difference. I think this is beacause I am not running a service to connect i.e. connecting to port 80 on a remote system from an unprivalged port >1024? Does this mean it will use a different port every time?
apt-get install shorewall (and maybe shorewall-doc)
it'll put your iptables stuff into a sensible order.
I think what you want to do is open an OUPUT where --dport=80
-g
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
