34,333
edits
Changes
→Understanding the lokkit Firewall Customization Screen
== Understanding the lokkit Firewall Customization Screen ==
The lokkit customization screen needs a little explanation. The first settings list the network devices present in the system and provides the option to set one or more of these as being trusted devices. Essentially data coming via a trusted device is not subject to any rules imposed by the firewall. This is useful if you have asystem where one network device is connected to the outside world via an internet connection and another device is connected to a trusted, internal network. Assuming you truly trust the internal network and all the systems on it, then you can mark that device as being trusted.
The second section of the screen controls access to a number of different services which may or may not be running on your Ubuntu Linux system. Descritions of these are as follows:
'''DHCP''' - This refers to the Dynamic Host Configuration Protocol. This is a system by which devices are dynamically provided IP addresses instead of having static IP addresses manually assigned by users or system administrators. If you obtain your address from a DCHP server (such as one built into a wireless router or provided by your company) then you will want to enable DHCP on this page to enable your system to negotiate with the DHCP server to obtain an IP address.
'''SSH''' - The secure shell provides an encrypted mechanism for allowing password protected remote access to your system. With SSH you can remotely log into to your system, copy files to and from your system and anotehr system and perform remote execution of programs. If you need remote access to your system you will need to activate this. If you do not need remote access leave this disabled.
'''Telnet''' - Telnet provides remote terminal access to your system. It does not use encryption and use is strongly discouraged. Leave this disabled and use SSH instead fopr remote access.
'''WWW (HTTP)''' - If you are hosting a web serv eron your Ubuntu Linux System you will need to enable HTTP traffic through the firewall to enable web page requests to reach the http server. If you do not plan to host a web server leave this disabled.
'''mail (SMTP)''' - Specified whether the firewall block Simple Mail Transfer Protocol traffic. This is only necessary if you are hosting a mail server on your Ubuntu Linux system. If you only use a mail client to download email from a POP3 or IMAP server you can safely leave this disabled.
'''FTP''' - Controls whether File Transfer Protocol traffic is permitted through the firewall. Unless you plan to set up an ftp server (unlikely for typical users) leave this option disabled.
