Forgive me ... I forget define allow DNS on outgoing ....
 
Thanks

Tom Eastep <teastep@shorewall.net> 說:
Wilson Kwok wrote:
> I already set the policy like this:
>
> loc net DROP info
>
> and then set /usr/share/shorewall/macro.HTTP lise this:
>
> PARAM - - tcp 80
>
> and
>
> HTTP/ACCEPT loc net
>
> after that all outgoing traffic blocked :(

What about DNS? How are your browsers going to resolve URLs???

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

_______________________________________
YM - 離線訊息
就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。
http://messenger.yahoo.com.hk