outbound policy for tcp 80

outbound policy for tcp 80

[P theodorou]

I have restricted all the connections apart from port 53, 443 and 80 on the 
forward chain. My computer uses eth1 with eth0 beeing the firewall computer.

Unfortunately when testing the outbound performance of the firewall with 
leak testers etc.. (little applications on the web) i discover that they use 
port 80 to transmit info to remote hosts. Fine and logical . How can i avoid 
this using iptables rules. I do need though Internet access.


Regards

Re: outbound policy for tcp 80 (nfcan: addressed to exclusive sender for this address)

[Jim Laurino]

On 2005.11.19 17:39, P theodorou - props666999@hotmail.com wrote:
> I have restricted all the connections apart from port 53, 443 and 80 on the  
> forward chain. My computer uses eth1 with eth0 beeing the firewall computer.
> 
> Unfortunately when testing the outbound performance of the firewall with  
> leak testers etc.. (little applications on the web) i discover that they use  
> port 80 to transmit info to remote hosts. Fine and logical . How can i avoid  
> this using iptables rules. I do need though Internet access.

As far as I know, you can NOT do what you want with iptables rules.
The usual approach to what you want to do is to use a proxy server.

http://www.squid-cache.org/

-- 
Jim Laurino
nfcan.x.jimlaur@dfgh.net
Please reply to the list.
Only mail from the listserver reaches this address.