On 2016-05-24 00:01, Ralph Sanchez wrote:
> Also, it seems if I only allow Related and Established on OUTPUT I
> cannot access the internet, 90 percent of packets get dropped when I
> try to connect to anything, but allowing new established allows
> connection...but also any software would be able to call home.
That is correct behaviour, since there always needs to be a NEW connection before any other may be RELATED or ESTABLISHED. Hence, if you want to block outgoing traffic, you should allow at least ports 80 and 443 as you did before. I assume you want your browser to be able to call anywhere, right? Hence also home. Who tells you that your browser is not a malicious program? Or run by such a program?
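The OUTPUT policy discussed in this exchange, as an added example that is not part of the original messages: NEW is allowed only to ports 80 and 443, ESTABLISHED,RELATED covers the rest of each connection, and every other NEW attempt is logged before the DROP policy applies. The function name, the `IPT` dry-run switch, the DNS and loopback rules, the log prefix and the rate limit are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: the commands are
# only printed. Run as root with IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"

# Ports that may open NEW outbound TCP connections (80 and 443, as in the reply).
WEB_PORTS="${WEB_PORTS:-80,443}"

output_policy() {
    # Start from an empty OUTPUT chain (assumption: no other rules to keep).
    $IPT -F OUTPUT
    # Loopback traffic between local processes (assumption: wanted).
    $IPT -A OUTPUT -o lo -j ACCEPT
    # Packets of connections conntrack already tracks. On its own this rule
    # passes nothing: the first packet of every connection is in state NEW.
    $IPT -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # DNS lookups (assumption: the host resolves names over port 53).
    $IPT -A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
    # NEW connections only to the web ports.
    $IPT -A OUTPUT -p tcp -m multiport --dports "$WEB_PORTS" \
        -m conntrack --ctstate NEW -j ACCEPT
    # Log anything else that tries to open a connection, rate limited.
    $IPT -A OUTPUT -m conntrack --ctstate NEW -m limit --limit 6/min \
        -j LOG --log-prefix "OUT-NEW-DROP "
    # Default policy last, so a live session is not cut off half-way through.
    $IPT -P OUTPUT DROP
}

output_policy
```

These rules filter by port, not by program: anything on the host can still open connections to ports 80 and 443, which is the point the reply makes about the browser.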