[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: decrypting iptables?



Tim wrote:
On Mon, 2008-12-01 at 17:36 -0500, Bill Davidsen wrote:
Do you have any ESTABLISHED that you wouldn't ACCEPT? I just take them
all.

Can't think of any at the moment, though there's some RELATED traffic
that I might have trepidations about.  I don't know what the rules
consider to be related, but I'd be annoyed at something like the
following (which does happen).

Yes, RELATED is a different issue, and is not made easier by a lack of documentation and configuration tools. I would love to have an easy to use tool to tune that and save configuration.

e.g. You browse to a website, and it connects back to you to look at
your identd service (if you have one), regardless of whether you're
logging on or browsing anonymously.

I want "related" to mean appropriately related traffic to what I'm
doing, not anything back from something that I've made some sort of
connection to.

And I can well imagine parents might relent and allow IM chat, but block
the ports used for webcams and IM file transferring.



--
Bill Davidsen <davidsen tmr com>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]