On Thu, 26 Apr 2012 10:56:47 +0800 Bill Sun <cap.sensitive@gmail.com> wrote:
On Wed, Apr 25, 2012 at 12:35:46PM -0500, Leonid Isaev wrote:
Assuming you are running a desktop machine, why would you want to DROP by default all outgoing traffic? AFAICT google voice app makes you browser establish some UDP connecyions + https. So here are few observations regarding your ruleset: 1. Default policy for OUTPUT should be ACCEPT and all following OUTPUT rules should be removed. Also, default DROP policy for INPUT is just impolite -- use REJECT instead. 2. Unless you have a good understanding of ICMP (which is way more than ping), all icmp should be allowed (please don't tell me about pings of death or DoS because of ping floods). Good points. I've made changes regarding to your instruction.
So... does your GV work now? -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D