it's a normal desktop machines iptables firewall: If i want to block udp on dport 80 on the output chain, then is this enough? i want to only allow tcp on it! iptables -P OUTPUT DROP iptables -A OUTPUT -o $PUBIF --dport 80 -j ACCEPT or i need this rule? iptables -P OUTPUT DROP iptables -A OUTPUT -o $PUBIF -p tcp --dport 80 -j ACCEPT the second one is the good one? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110308/e354961f/attachment-0004.html>