Douglas Tutty wrote: > On Tue, Jan 09, 2007 at 11:23:56AM -0800, Paul Johnson wrote: > >> Douglas Tutty wrote: >> >> > I use shorewall with default block everything all directions then open >> > things up as needed. >> >> I bet you have a rule someplace that allows outgoing traffic that's part >> of an existing connection. > > Not that I specifically put in. I __think__ that's part of the > netfilter stuff directly. I just checked my shorewall configs and > there's nothing there allowing anything from the net and very specific > stuff out.
I think shorewall assumes that you don't really want to block /all/ outbound traffic and does the right thing, then. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
