My goal here is to try to prevent xwindows applications from being run by local users and displayed on remote terminals (ultimately, I want them to be able to run only through ssh, but that's not important). My best guess at preventing outgoing xwindows connections involves iptables, but for the life of me I haven't been able to set up the rules properly so that these outgoing connections are blocked.

Most of the documentations I have come across involve rules like this:
iptables -D OUTPUT -s localhost -o eth0 -p tcp --dport x11 -j DROP

I have also tried replacing the 'x11' with specific port numbers and the connections still get through.

How would I go about setting up such rules, or is there a better way to restrict the X protocol like that?

I am running slackware 9.1 with kernel 2.4.24.

Thanks

I guess it's a typo but I mention anyway.
iptables -D OUTPUT -s localhost -o eth0 -p tcp --dport x11 -j DROP
would delete a rule it should be something like
iptables -I OUTPUT -s localhost -o eth0 -p tcp --dport x11 -j DROP
which will insert a new rule as the first rule making sure that any other rules let it through.

Other than that it seems ok.

Whoops, my bad. I was actually try in the -A switch. maybe i'll try that one.

Thanks

Still no go. the programs still run remotely.

why dont you:

iptables -F output <-----------------------That will clear the output chain
iptables -A output -j LOG <---------------That will log everything
iptables -A output -j DROP <--------------That will drop everything so nothing can get through

and then try your programs ... then youll know how they are getting through.

add the rules you need into your original rules and your set.