dansguardian + firewall issues

Gabriel Gunderson gabe at gundy.org
Sat Apr 24 17:17:11 MDT 2010

On Sat, Apr 24, 2010 at 3:08 PM, Brett Rasmussen
<brett.rasmussen at twoedge.com> wrote:
> I'm wondering if someone can help me understand what I need to do here. I'm
> not very savvy about firewall rules at all, so the Jack & Jill version of
> any direction you might offer would be appreciated.

I'm not very good at this kind of thing, but I'll give it a shot...

>>> Jack and Jill went up the hill <<<
Presumably, this is egress filtering.  So, something like this should work:
sudo iptables -A OUTPUT -j ACCEPT

>>> To fetch a pail of water. <<<
Lot's of ways to do this, but here's an easy and pretty common one:
wget -O - -q --user-agent=bucket
http://www.google.com/search?q=pail+of+water | html2text

>>> Jack fell down and broke his crown <<<
It's anyone's guess what this means, but my money is on "ICMP
destination-unreachable"  You'll need to get wireshark wedged in there
to be sure.

>>> And Jill came tumbling after. <<<
This one is pretty obvious:
sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Well, I'm sure the list has more wisdom to share, but I thought I'd do my part.

Good luck!


More information about the PLUG mailing list