dansguardian + firewall issues
gabe at gundy.org
Sat Apr 24 17:17:11 MDT 2010
On Sat, Apr 24, 2010 at 3:08 PM, Brett Rasmussen
<brett.rasmussen at twoedge.com> wrote:
> I'm wondering if someone can help me understand what I need to do here. I'm
> not very savvy about firewall rules at all, so the Jack & Jill version of
> any direction you might offer would be appreciated.
I'm not very good at this kind of thing, but I'll give it a shot...
>>> Jack and Jill went up the hill <<<
Presumably, this is egress filtering. So, something like this should work:
sudo iptables -A OUTPUT -j ACCEPT
>>> To fetch a pail of water. <<<
Lot's of ways to do this, but here's an easy and pretty common one:
wget -O - -q --user-agent=bucket
http://www.google.com/search?q=pail+of+water | html2text
>>> Jack fell down and broke his crown <<<
It's anyone's guess what this means, but my money is on "ICMP
destination-unreachable" You'll need to get wireshark wedged in there
to be sure.
>>> And Jill came tumbling after. <<<
This one is pretty obvious:
sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Well, I'm sure the list has more wisdom to share, but I thought I'd do my part.
More information about the PLUG