[arch-general] Google Voice through iptables?

Leonid Isaev lisaev at umail.iu.edu
Thu Apr 26 11:28:00 EDT 2012


On Thu, 26 Apr 2012 10:56:47 +0800
Bill Sun <cap.sensitive at gmail.com> wrote:

> On Wed, Apr 25, 2012 at 12:35:46PM -0500, Leonid Isaev wrote:
> > Assuming you are running a desktop machine, why would you want to DROP by
> > default all outgoing traffic? AFAICT google voice app makes you browser
> > establish some UDP connecyions + https. So here are few observations
> > regarding your ruleset:
> > 1. Default policy for OUTPUT should be ACCEPT and all following OUTPUT
> > rules should be removed. Also, default DROP policy for INPUT is just
> > impolite -- use REJECT instead.
> > 2. Unless you have a good understanding of ICMP (which is way more than
> > ping), all icmp should be allowed (please don't tell me about pings of
> > death or DoS because of ping floods).
> Good points. I've made changes regarding to your instruction.
> 

So... does your GV work now?

-- 
Leonid Isaev
GnuPG key: 0x164B5A6D
Fingerprint: C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20120426/ded04674/attachment.asc>


More information about the arch-general mailing list