Chapter 10. Testing Your Firewall Rules (for Security!)

Firewalls work both ways. You can use them to keep bad traffic from the outside from coming in, as well as to keep bad traffic from the inside from going out. Worms, mail connections, and X11 sessions are just a few examples of “bad traffic” depending on your security policy. But how do you test this quickly and consistently? Many times a change in the rules in one area can affect rules in another.

This is perhaps a good moment to talk about the concept of firewalls in general (we promise to be brief!) and why the very first diagnostic procedure we talk about is specifically the most important. A firewall is not a router; nor is it a gateway. It’s a compartmentalization tool. If the whole reason you picked ...
