What is the loc zone? You say you only have one network interface on your machine (and you only have one in your interfaces section) but you then have both loc and net in your rules and policy file section?
Ok I'll assume you just have one computer directly connected to the net through eth0. Here's what you should have:
Code:
#########################################
# rules file
#ACTION  SOURCE  DEST  PROTO  DEST     SOURCE   ORIGINAL  RATE   USER/
#                             PORT     PORT(S)  DEST      LIMIT  GROUP
#
ACCEPT   net     fw    tcp    80
ACCEPT   net     fw    tcp    22
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
#########################################
# policy file
#SOURCE  DEST  POLICY  LOG    LIMIT:BURST
#                      LEVEL
fw       net   ACCEPT
# THE FOLLOWING POLICY MUST BE LAST
all      all   DROP    info
#LAST LINE -- DO NOT REMOVE
#########################################
# interfaces file
#ZONE  INTERFACE  BROADCAST  OPTIONS
#
net    eth0       detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
This will have the following effects:
* Your computer will drop any packets coming from the internet except those going to the local ssh and web server.
* You will have full access to make connections out to the internet on any port from your local computer.
So you will have full access without restriction to use the internet. And you are also running ssh and web servers which are accessible to anyone on the internet (make sure you know what you're doing with these).
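As an added illustration (not part of the original post, nor Shorewall's own code), here is a small Python model of how Shorewall consults the rules file first and falls back to the policy file, run against constructed copies of the files above. It assumes the simplified whitespace-separated column layout shown in the post, with the PROTO column filled in as tcp for the two ACCEPT rules.

```python
"""Tiny model of Shorewall's rules-then-policy lookup (added example, not Shorewall code).

Assumed simplification: rules rows are ACTION SOURCE DEST PROTO PORT and
policy rows are SOURCE DEST POLICY LOG, all whitespace separated.
"""

# Constructed copies of the rules and policy files from the post.
RULES = """
#ACTION SOURCE DEST PROTO DEST
#                         PORT
ACCEPT  net    fw   tcp   80
ACCEPT  net    fw   tcp   22
"""

POLICY = """
#SOURCE DEST POLICY LOG
fw      net  ACCEPT
all     all  DROP   info
"""


def parse(text, ncols):
    """Return the non-comment rows of a whitespace-separated Shorewall file,
    padded with '-' so that every row has ncols columns."""
    rows = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            cols = line.split()
            rows.append(cols + ["-"] * (ncols - len(cols)))
    return rows


def decide(src, dst, proto, port, rules=RULES, policy=POLICY):
    """Mimic the lookup order: the first matching rule wins; otherwise the
    first matching policy applies. Returns (action, where_it_matched)."""
    for action, rsrc, rdst, rproto, rport in parse(rules, 5):
        if (rsrc, rdst) == (src, dst) and rproto in ("-", proto) \
                and rport in ("-", str(port)):
            return action, "rules"
    for psrc, pdst, paction, _log in parse(policy, 4):
        if psrc in ("all", src) and pdst in ("all", dst):
            return paction, "policy"
    return "DROP", "default"   # model's fallback when no policy row matches


if __name__ == "__main__":
    for pkt in [("net", "fw", "tcp", 80), ("net", "fw", "tcp", 443),
                ("net", "fw", "udp", 80), ("fw", "net", "udp", 53)]:
        print(pkt, "->", decide(*pkt))
```

Passing a rules row without the PROTO column (e.g. `ACCEPT net fw 80`) puts 80 in the PROTO position, so the model no longer matches the web traffic; this is why the tcp column matters in the file above.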