Technical Details

Protocols allowed

Egress traffic for the following IP protocols are not blocked:

TCP Port	Use
22	SSH (secure shell)
80	HTTP (web access)
110	POP3 (inbox access)
143	IMAP (inbox access)
443	HTTPS (secure web access)
465	SMTPS (secure mail submission)
587	SMTP (mail submission)
993	IMAPS (secure inbox access)
995	POP3S (secure inbox access)
1723	PPTP (VPN)
5190	AOL/AIM
UDP Port	Use
500-599	ISAKMP and other UDP VPN traffic
1701	L2TP (VPN)
4500	Cisco PIX (VPN)
Other IP	Use
ipencap (4)	IP Encapsulation (VPN)
esp (50)	Encapsulating Security Payload (VPN)
gre (47)	Generic Routing Encapsulation (VPN)

In particular, note that SMTP, FTP, IRC, and any ICMP traffic is blocked. Any requests for DNS or NTP will be redirected to an internal server (which will handle the request, so name lookups and clock updates will work as expected).