helped write the rules for iptables:
to prohibit all incoming and outgoing, and allow outgoing connections only to one group, which includes several programs.
Can we get a little clarification here?
helped write the rules for iptables
Are you claiming that you have helped to write rules for iptables or are you asking for help in writing an iptables ruleset?
to prohibit all incoming and outgoing
As stated above, that is the easiest of requirements, but
allow outgoing connections only to one group, which includes several programs
you seem to be stating that you want to allow a group of programs as an exception to this block of all the outgoing connections. you’ll need to do something other than just say ‘a group of programs’. I’m not sure that there will be a useful way of defining the programs as a group for iptables, so you’ll probably have to list which programs they are.
Is there any reason why you aren’t using yast to configure the SuSE firewall to do this?
like this, but it does not work
-P INPUT DROP
-P OUTPUT DROP
-A OUTPUT -m owner --gid-owner 444 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
Firewall Configuration in YaST no such function with a resolution of groups and ban all other connections