Quote:
#((2) Loopback
#Always allow loopback traffic
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT
iptables -A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -o lo -j ACCEPT
Loosen the restrictions on the loopback interface. Not all localhost traffic is from/to 127.0.0.1. It may use any of your local interfaces' IP addresses.
Quote:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
If you want a functional connection, append NEW to --state in the OUTPUT rule. The internet isn't only port 80, not even the web which may use 443 (https) too. What about 25 (smtp), 110 (pop3), et cetera and their SSL equivalents?
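As an added example (not part of the original post), a small lint that checks rule lines for the two points raised in the reply above: loopback rules pinned to 127.0.0.1, and an OUTPUT state rule that lacks NEW. The function names, finding labels and the "loosened" rule set are assumptions made for illustration; the loosened set is one reading of the reply's advice.

```shell
#!/bin/sh
# Added example: lint iptables rule lines (script lines or `iptables -S` output).
# Finding labels LOOPBACK_PINNED / OUTPUT_NO_NEW are made up for this example.

lint_rules() {
    awk '
    # A rule on lo that also pins source or destination to 127.0.0.1:
    # local traffic addressed to another local IP crosses lo but will not match.
    / -[io] lo( |$)/ && / -[sd] 127\.0\.0\.1(\/32)?( |$)/ {
        print "LOOPBACK_PINNED: " $0
    }
    # An OUTPUT state/conntrack rule whose state list has no NEW:
    # it never lets the host open a connection by itself.
    / OUTPUT / && /--(ct)?state / {
        for (i = 1; i <= NF; i++)
            if (($i == "--state" || $i == "--ctstate") &&
                ("," $(i + 1) ",") !~ /,NEW,/)
                print "OUTPUT_NO_NEW: " $0
    }
    '
}

# The rules quoted in the post.
quoted_rules() {
    cat <<'EOF'
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -i lo -j ACCEPT
iptables -A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Constructed rule set following the reply: match loopback by interface only,
# and let OUTPUT open new connections on any port.
loosened_rules() {
    cat <<'EOF'
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
EOF
}

echo "Findings for the quoted rules:"
quoted_rules | lint_rules
echo "Findings for the loosened rules (expected: none):"
loosened_rules | lint_rules
```

To check a live host, pipe `iptables -S` into `lint_rules`. Allowing NEW on all of OUTPUT means outbound filtering is no longer per port, so keep per-port OUTPUT rules instead if egress control matters.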