You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What primitives would make sense here? We could add qualifiers to the port spec, such as i and o to indicate inbound and outbound rules. For example, t8080o would add a rule for TCP to port 8080 outbound. This could make sense on a client, whereas t8080i would mean inbound, e.g., on a proxy server.
This brings up the question of what the default policy for outbound should be. We could say that if one or more outbound rules exist, we use default-deny for outbound and default-allow otherwise. It might be a bit too much magic though.
We should try to restrict outbound connections in some way.
The text was updated successfully, but these errors were encountered: