A firewall is a vital component in protecting a computer system, or network of computers from external attack (typically from an internet connection). Any computer connected directly to an internet connection must run a firewall to protect against malicious activity. Similarly, any internal network must have some form of firewall between it and an external internet connection.
A firewall is a vital component in protecting a computer system, or network of computers from external attack (typically from an internet connection). Any computer connected directly to an internet connection must run a firewall to protect against malicious activity. Similarly, any internal network must have some form of firewall between it and an external internet connection.
Fedora Linux is supplied with powerful firewall technology known as ''iptables'' built-in. Entire books can, and indeed have, been written about configuring iptables. If you would like to learn about ''iptables'' we recommend [http://www.linuxtopia.org/Linux_Firewall_iptables/index.html Linux Firewall Configuration - Packet Filtering and iptables].
Fedora Linux is supplied with powerful firewall technology known as ''iptables'' built-in. Entire books can, and indeed have, been written about configuring iptables. If you would like to learn about ''iptables'' we recommend [http://www.linuxtopia.org/Linux_Firewall_iptables/index.html Linux Firewall Configuration - Packet Filtering and iptables].
−
Fortunately Fedora Linux also provides some tools which make firewall configuration easy for the average user. This chapter will cover the steps necessary to configure a Fedora Linux firewall using those tools.
+
Fortunately Fedora Linux also provides some tools that make firewall configuration easy for the average user. This chapter will cover the steps necessary to configure a Fedora Linux firewall using those tools.
== Fedora Linux Firewall Options ==
== Fedora Linux Firewall Options ==
Enter your password when prompted. Once loaded, the security level tool should appear as follows:
Enter your password when prompted. Once loaded, the security level tool should appear as follows:
−
<google>ADSDAQBOX_FLOW</google>
+
<htmlet>adsdaqbox_flow</htmlet>
== Configuring Other Ports ==
== Configuring Other Ports ==
−
The list of well known ports are not, of course, the only ports available. In fact there are thousands of ports available for use by applications and services. To open a specific port use the ''Other ports'' category of the Firewall Configuration tool. To open a port, click on the ''Add'' button to display the ''Port and Protocol'' dialog shown below:
+
The list of well known ports are not, of course, the only ports available. In fact there are thousands of ports available for use by applications and services. To open a specific port, use the ''Other ports'' category of the Firewall Configuration tool. To open a port, click on the ''Add'' button to display the ''Port and Protocol'' dialog shown below:
Port forwarding is used in conjunction with masquerading when the Fedora system is acting as a gateway to the internet for an internal network of computer systems. Port forwarding allows traffic arriving at the firewall via the internet on a specific port to be forwarded to a particular system on the internal network. This is perhaps best described by way of an example.
Port forwarding is used in conjunction with masquerading when the Fedora system is acting as a gateway to the internet for an internal network of computer systems. Port forwarding allows traffic arriving at the firewall via the internet on a specific port to be forwarded to a particular system on the internal network. This is perhaps best described by way of an example.
−
Suppose that a Fedora system is acting as the firewall for an internal network of computers. One of the systems on the network is configured as a web server. Lets assume the web server system has an IP address of 192.168.2.20. The domain record for the web site hosted on this system is configured with the public IP address behind which the Fedora firewall system sits. When an HTTP web page request arrives on port 80 the Fedora system acting as the firewall needs to know what to do with it. By configuring port forwarding it is possible to direct all web traffic to the internal system hosting the web server (in this case, IP address 192.168.2.20), either continuing to use port 80 or diverting the traffic to a different port on the destination server. In fact, port forwarding can even be configured to forward the traffic to a different port on the same system as the firewall (a concept known as ''local forwarding'').
+
Suppose that a Fedora system is acting as the firewall for an internal network of computers. One of the systems on the network is configured as a web server. Let's assume the web server system has an IP address of 192.168.2.20. The domain record for the web site hosted on this system is configured with the public IP address behind which the Fedora firewall system sits. When an HTTP web page request arrives on port 80 the Fedora system acting as the firewall needs to know what to do with it. By configuring port forwarding it is possible to direct all web traffic to the internal system hosting the web server (in this case, IP address 192.168.2.20), either continuing to use port 80 or diverting the traffic to a different port on the destination server. In fact, port forwarding can even be configured to forward the traffic to a different port on the same system as the firewall (a concept known as ''local forwarding'').
Configure port forwarding by selecting the ''Port Forwarding'' category in the ''Firewall Configuration'' window and clicking on the ''Add'' button. This will display the following dialog:
Configure port forwarding by selecting the ''Port Forwarding'' category in the ''Firewall Configuration'' window and clicking on the ''Add'' button. This will display the following dialog:
