-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrei Popescu wrote: > On Sun, Apr 20, 2008 at 10:05:26AM +0200, Shams Fantar wrote: > >> I'm writing the iptables rules for a machine, a desktop, so, on this >> machine, the users can listen to streaming (like the BBC, or other >> radios...). Therefore, I need to open the good ports to allow the use of >> streaming. And I can't write this rule because I don't know the ports >> used by streaming... And I believe that ports can be very different >> depending on the radio. > > You only need to worry about it if you want to block *outgoing* > connections. I have a "DROP all incoming/ALLOW all outgoing" type setup > on my systems and I can listen to internet radio without problems (in > fact it runs almost 24/7). > > Some people might consider my "ALLOW all outgoing" to be too lax, but I > am the only user and I only install programs from Debian sources. > > Regards, > Andrei
That works ! Thanks for your answers. ;-) The solution is : iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT - -- Shams Fantar (Website : http://snurf.info) My public GPG Key : http://snurf.info/sfantar.gpg « A book is like a garden carried in the pocket. » -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFICzEF5ChwvXmalbURAoTDAJ93ORyzJ1Z3n9bWz3BaXKSmbtWdDQCglO4d 9zAf2ey3Zwfn7gnE9ZWYn3o= =Sm9T -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
