Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Outbound filtering #9

Open
eric93 opened this issue Apr 5, 2015 · 1 comment
Open

Outbound filtering #9

eric93 opened this issue Apr 5, 2015 · 1 comment
Labels
enhancement

Comments

@eric93
Copy link

eric93 commented Apr 5, 2015

We should try to restrict outbound connections in some way.
@mavam
Copy link
Member

mavam commented Apr 7, 2015

What primitives would make sense here? We could add qualifiers to the port spec, such as i and o to indicate inbound and outbound rules. For example, t8080o would add a rule for TCP to port 8080 outbound. This could make sense on a client, whereas t8080i would mean inbound, e.g., on a proxy server.

This brings up the question of what the default policy for outbound should be. We could say that if one or more outbound rules exist, we use default-deny for outbound and default-allow otherwise. It might be a bit too much magic though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mavam @eric93