How to reduce false positives?

bradw tildar@sta-care.com
Wed, 16 Jan 2002 10:03:24 -0600 (CST)


I am wondering if there is a generally accepted way to help reduce false
positives that I feel are being caused by my NAT/proxy making requests
from ports that I am dropping on my iptables.
Correct me if I'm wrong, but here is my thinking: a request goes to squid
and squid grabs a random port and requests the page. I am dropping several
high ports hoping to protect my Windows clients, and occasionally squid
makes a request from one of those ports, which is of course not going to work
because iptables drops the reply when it comes back.
OK, squid is not the only problem; I'm doing NAT for some stuff on my
network, and NAT appears to do the same thing.

So I guess the question is, is there some program I can run on my Linux box
that will make these ports unavailable to applications somehow? Or do I not
have my iptables set up correctly?

-- 
Brad Wyman
bradw at sta-care.com
PGP Fingerprint: 8B1E E12F 3982 0D54 E01C  DFD3 898B 6CA3 ED6F 3E56
--
Arthur Dent: "What's so unpleasant about being drunk?"
Ford Prefect: "You ask a glass of water."
- Douglas Noel Adams, 1952 - 2001
- DNA, so long and thanks for all the books

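The collision described in the message above (squid picking a local source port that an INPUT DROP rule also matches as a destination port) can be checked mechanically. This is an added example, not part of the original post: the rules and the port range are constructed samples in `iptables-save` and `/proc/sys/net/ipv4/ip_local_port_range` format, the function names are hypothetical, and it covers only the INPUT chain (the squid case), treating any earlier ESTABLISHED accept as covering all replies.

```python
import re

# Constructed sample in iptables-save format (not the poster's rule set).
SAMPLE_RULES = """\
-A INPUT -p tcp -m tcp --dport 135 -j DROP
-A INPUT -p tcp -m tcp --dport 31337 -j DROP
-A INPUT -p tcp -m tcp --dport 40000:40010 -j DROP
-A INPUT -p tcp -m tcp --dport 54320 -j DROP
"""

# Constructed value, same layout as /proc/sys/net/ipv4/ip_local_port_range.
SAMPLE_LOCAL_RANGE = "32768\t61000"

STATEFUL_ACCEPT = re.compile(r"--(?:state|ctstate)\s+\S*ESTABLISHED.*-j\s+ACCEPT\b")
DPORT_DROP = re.compile(r"--dport\s+(\d+)(?::(\d+))?\b.*-j\s+DROP\b")


def parse_local_range(text):
    """Parse the two whitespace-separated bounds of the ephemeral port range."""
    low, high = text.split()
    return int(low), int(high)


def colliding_drops(rules_text, local_range):
    """Return (first_port, last_port, rule) for each INPUT DROP rule whose
    --dport span overlaps the ephemeral range and is evaluated before any
    rule accepting ESTABLISHED traffic."""
    eph_lo, eph_hi = local_range
    hits = []
    for line in rules_text.splitlines():
        line = line.strip()
        if not line.startswith("-A INPUT"):
            continue
        if STATEFUL_ACCEPT.search(line):
            break  # replies to outbound connections are accepted from here on
        match = DPORT_DROP.search(line)
        if match:
            lo = int(match.group(1))
            hi = int(match.group(2) or lo)
            if lo <= eph_hi and hi >= eph_lo:
                hits.append((max(lo, eph_lo), min(hi, eph_hi), line))
    return hits


if __name__ == "__main__":
    for lo, hi, rule in colliding_drops(SAMPLE_RULES, parse_local_range(SAMPLE_LOCAL_RANGE)):
        print(f"ephemeral ports {lo}-{hi} hit: {rule}")
```

Where a collision is reported, either an ACCEPT for ESTABLISHED,RELATED traffic placed ahead of the DROP rules or a `net.ipv4.ip_local_port_range` setting that excludes the dropped ports removes it.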