DEV Community

Discussion on: Securing your Linux desktop using iptables firewall rules

Huan Phan

Dear sir, can you consider Rules #4 and #7? I think we could ignore --sport, so we can modify them like this:

4: allow outbound DHCP requests

-A OUTPUT -p udp --dport 67:68 -j ACCEPT

7: allow outbound NTP requests

-A OUTPUT -p udp --dport 123 -j ACCEPT

Because the source port will be randomized when a new connection is established.

What do you think?