View Single Post
Old 8th March 2006, 04:57
tobiasly tobiasly is offline
Junior Member
Join Date: Mar 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts

Hello Tenaka, when you apply rules to outboud traffic, it looks at the ports you're trying to connect *to*, not the ports you're connecting *from*. So for example you may need to open outbound port 80 (HTTP) if you use wget to download files. You'll need to open all the FTP ports if you want to use an ftp client or wget to connect to FTP sites from your box.

The 5-minute test period is in case you are connected remotely, and you really screw up your firewall so that you can't even connect via SSH. Ordinarily you would be screwed in that scenario, but with the 5-minute "trial" period, if you find your SSH is blocked, just wait 5 minutes and try again.

After the 5 minutes, *ALL* rules are dropped and your machine is wide open again just like you had no firewall. So if this is on a machine you have physical access to, you don't need the test mode and you can turn it off, because you can still connect through the console.

Of course once everything is working correctly, you'll need to take it out of test mode!
Reply With Quote