If it is a client machine and has a default DROP policy on incoming packets, then ALLOW packets associated with open connections. You probably don't need any other special rules. Just set up policies to allow OUTPUT packets on the ports you want. Only associated packets will be accepted IN.
- NetFilter connection tracking Olaf Meeuwissen
- Re: NetFilter connection tracking Dale Amon
- Re: NetFilter connection tracking Olaf Meeuwissen
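
The client setup described in the reply above, as an added example that is not part of the original thread: a shell function that prints an `iptables-restore` rule set with default DROP policies, an INPUT rule that accepts only packets conntrack associates with existing connections, and one OUTPUT rule per permitted service. The function name `client_ruleset`, its `proto/port` argument format, and the loopback rules are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): generate a client rule set.
# Check it without loading:  client_ruleset "tcp/443 udp/53" | iptables-restore --test

client_ruleset() {
    # $1: space-separated proto/port specs for outbound services, e.g. "tcp/443 udp/53"
    specs=$1
    rules=""
    for spec in $specs; do
        proto=${spec%%/*}
        port=${spec#*/}
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol in '$spec'" >&2; return 1 ;;
        esac
        case $port in
            # empty, non-numeric, or more than five digits
            ''|*[!0-9]*|??????*) echo "bad port in '$spec'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$spec'" >&2; return 1
        fi
        # Only the first packet of a connection (NEW) needs a per-port rule.
        rules="$rules-A OUTPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT
"
    done
    # No INPUT rule accepts NEW: inbound traffic passes only when conntrack
    # ties it to a connection this host opened (ESTABLISHED) or to a related
    # flow such as an ICMP error for it (RELATED).
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
${rules}COMMIT
EOF
}
```

An invalid spec makes the function return non-zero before anything is printed, so a typo in the port list never yields a partial rule set.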