Thanks Tom, I did check the log and saw the ip address, but MS is notorious for using rotating ip's for their sites (at least in my experience).
I'm running this on a LEAF UcLibc box. Is a leaf box capable of running squid? I don't care about doing caching, just traffic control. Rob -----Original Message----- From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Sunday, September 16, 2007 7:23 PM To: [EMAIL PROTECTED]; Shorewall Users Subject: Re: [Shorewall-users] Rules problem Rob Ogle wrote: > I’ve got windows defender loaded on the machines and unless I allow > full access to the ‘net, it can’t update. Nonsense. a) Look at your log to see what traffic is getting blocked. b) Use Shorewall FAQ 17 to determine what rule(s) you need to add. Or: Switch to using a more appropriate tool for exercising your big-brother tactics. Most people of similar mind use a proxy like Squid and forbid direct loc->net access for port 80. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
