Enable Firewall, But Allow Specific Inbound Connections
micheal
sundance at sundanceloki.com
Sun Jan 30 23:06:26 UTC 2005
On Sun, 2005-01-30 at 04:53 -0500, Robert L Cochran wrote:
> Gain Paolo Mureddu wrote:
>
> > Robert L Cochran wrote:
> >
> >> On Fedora Core 3, I want to enable the firewall, permitting inbound
> >> TCP connections from anywhere on port 80. I also want to allow
> >> inbound connections on port 3306 but only from hosts 192.168.1.1 and
> >> 192.168.1.2.
> >>
> >> It looks like I can't do this from the Applications --> System
> >> Settings --> Security Level GUI. I can allow ports 80 and 3306, but
> >> it doesn't look like I can limit the port 3306 connections to just 2
> >> specific hosts. I would have to craft an IPTABLES script. Am I right
> >> here, and if so, what would be the right way to add specific IPTABLES
> >> rules without interfering with the Security Level applet?
> >>
> >> Thanks
> >>
> >> Bob Cochran
> >> Greenbelt, Maryland, USA
> >>
> > I (as the other posters) will recommend you to learn iptables, and if
> > you want a very easy way to configure your firewall and build *quite*
> > complex per-interface rule sets, I'd strongly recommend you take a
> > look at fwbuilder (there are the packages for it in the pre-extras
> > repo [http://fedoraproject.org/pre-extras])
> >
> Thank you. How do I implement iptables rules without interfering with
> what the Security Level applet sets?
>
> Bob
>
Very simply, open up a terminal, su over to root. Add the iptables
rules tgat you want.
When you are finshed, service iptables save will make them permanent
MC
More information about the fedora-list
mailing list