Search This Blog

Saturday, June 22, 2013

Re: [iptables] drop or accept policy for outgoing connections.

Your first example should be:

iptables -P OUTPUT DROP
iptables -A OUTPUT -o eth0 -j ACCEPT

The difference between both is simply that in the first example you only allow outbound traffic going through your eth0 device.
If you would have multiple network devices you would still be dropping outbound traffic from the other devices.

Your second example allows outgoing traffic by default no matter what interface. If you had multiple devices you could specify to drop those with
iptables -A OUTPUT -o eth1 -j drop

So it really depends on what you prefer. But if you just want to allow outgoing traffic starting from you desktop just use your second example.

Kind Regards,

David




2013/6/22 Daniel Curtis <sidetripping@gmail.com>
Hi

I have a question about iptables and rules for OUTPUT
chain. If I have a typical desktop without any services
like SSH, Samba etc. it is better to use something like?;

iptables -P DROP
iptables -A OUTPUT -o eth0 -j ACCEPT

or it does not matter and it could be a simple one rule;

iptables -P OUTPUT ACCEPT

I'm asking because I'm curious. And frankly I've always been.

Best regards.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)