What are you hoping to accomplish with these rules? What services are you running that a remote user might try to connect to?

File: file.png (36 KB, 865x513)

36 KB PNG

>>107092591
mine is better

If your only goal is to browse the web, it's probably good enough.
Though if you want to set up an email client you might run into issues. Also if you want to ssh into a server in the cloud or host a gaming server, you'll have to change the firewall rules

>>107092591
>posting his ip
Lern2opsec, newfag, prepare ur anus

>>107092762
baited by private IP kek

>>107092762
based retard

File: 1745470838027631.png (1 KB, 162x61)

1 KB PNG

>>107092591
>>107092741

>>107092591
Use case for denying outgoing to every port under 1025 except DNS and HTTP/S?
What specifically does that deny that you want to deny?

>>107094354
< 1025 are the privileged ports

>linux toy firewall
Get a Fortigate, faggot OP, then we can talk

File: Screenshot 2025-11-03 143013.jpg (30 KB, 248x287)

30 KB JPG

summat like that. 'niggers' has a bunch of specific ips and ranges that skirted the rules one way or another. also hosts nulls a slew of urls.

File: 1756216777604865.png (11 KB, 400x455)

11 KB PNG

>>107094544
it's better to just default deny outbound and only add stuff as necessary >>107094016

and then temporarily let the flood gates open for windows update and such

>>107094985
it is like that. most of the time the http/s rule is disabled.
run wireshark on another computer acting as a router. it will catch things you swear are impossible.
also stop using mas

>>107095167
>run wireshark on another computer acting as a router. it will catch things you swear are impossible.
i've done so
nothing happens except dns (dnscache) occasionally pinging microsoft servers but nothing is transferred of course so i don't care
>also stop using mas
what?

File: snitch.png (709 KB, 1591x679)

709 KB PNG

>>107092591
you should be using opensnitch to filter outgoing traffic on your desktop
on server you should allow to specific hosts only