Question(s) default firewall in Fedora

Antonio Olivares olivares14031 at yahoo.com
Wed Apr 22 02:17:00 UTC 2009


Dear fellow Fedora users,

According to some users, Fedora has a default firewall that adds basic protection.  There is no service "firewall", but some users have pointed out that iptables takes care of this.  

[root@localhost ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

[root@localhost ~]# 

Services running at boot, using chkconfig:

[root@localhost ~]# chkconfig --list
NetworkManager 	0:off	1:off	2:on	3:on	4:on	5:on	6:off
acpid          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
akmods         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
anacron        	0:off	1:off	2:on	3:off	4:on	5:on	6:off
atd            	0:off	1:off	2:off	3:on	4:on	5:on	6:off
auditd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
avahi-daemon   	0:off	1:off	2:off	3:on	4:on	5:on	6:off
bluetooth      	0:off	1:off	2:off	3:on	4:on	5:on	6:off
btseed         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
bttrack        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
capi           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
cpuspeed       	0:off	1:on	2:on	3:on	4:on	5:on	6:off
crond          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
cups           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
dnsmasq        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
firstboot      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
gpm            	0:off	1:off	2:on	3:on	4:on	5:on	6:off
haldaemon      	0:off	1:off	2:off	3:on	4:on	5:on	6:off
httpd          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
ip6tables      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
iptables       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
irda           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
irqbalance     	0:off	1:off	2:off	3:on	4:on	5:on	6:off
isdn           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
kerneloops     	0:off	1:off	2:off	3:on	4:on	5:on	6:off
lm_sensors     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
mdmonitor      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
messagebus     	0:off	1:off	2:on	3:on	4:on	5:on	6:off
microcode_ctl  	0:off	1:off	2:on	3:on	4:on	5:on	6:off
multipathd     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
mysqld         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
netconsole     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
netfs          	0:off	1:off	2:off	3:on	4:on	5:on	6:off
netplugd       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
network        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
nfs            	0:off	1:off	2:off	3:off	4:off	5:off	6:off
nfslock        	0:off	1:off	2:off	3:on	4:on	5:on	6:off
nscd           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
ntpd           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
ntpdate        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
nvidia         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
pcscd          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
portreserve    	0:off	1:off	2:on	3:on	4:on	5:on	6:off
psacct         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rdisc          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
restorecond    	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rpcbind        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
rpcgssd        	0:off	1:off	2:off	3:on	4:on	5:on	6:off
rpcidmapd      	0:off	1:off	2:off	3:on	4:on	5:on	6:off
rpcsvcgssd     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rsyslog        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
saslauthd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sendmail       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
setroubleshoot 	0:off	1:off	2:off	3:on	4:on	5:on	6:off
slmodemd       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
smartd         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
smolt          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
snmpd          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
snmptrapd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sshd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
udev-post      	0:off	1:on	2:on	3:on	4:on	5:on	6:off
winbind        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
wine           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
wpa_supplicant 	0:off	1:off	2:off	3:off	4:off	5:off	6:off
ypbind         	0:off	1:off	2:off	3:off	4:off	5:off	6:off


Which traffic, if any, is allowed to come in to our computers if and when we do get on the internet?

We can use system-config-??? to configure simple iptables to change stuff around and/or get webmin?

I know that by default Fedora provides a good basic firewall, but are there any howtos/readmes as to how to learn more about firewalls in Fedora?

Thanks,

Antonio 
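
Added example (not part of the original post): a first-match walk of the INPUT chain listed above, showing which new inbound connections it accepts. The listing format in the post does not print the input interface, so rule 3 is evaluated twice: literally as printed, and under the assumption that it is a loopback-only rule; the interface names "lo" and "eth0" and the sample ports are assumptions.

```python
import re

# INPUT chain rows copied from the `service iptables status` output in the post.
INPUT_CHAIN = """\
1    ACCEPT     all  --  0.0.0.0/0   0.0.0.0/0   state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0   0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0   0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0   0.0.0.0/0   state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0   0.0.0.0/0   reject-with icmp-host-prohibited
"""

def parse_rules(text, iface_by_rule=None):
    """Parse listing rows. iface_by_rule maps rule number -> input interface,
    which this listing format does not print (caller-supplied assumption)."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].isdigit():
            continue
        extra = " ".join(f[6:])
        states = re.search(r"state (\S+)", extra)
        dport = re.search(r"dpt:(\d+)", extra)
        rules.append({
            "num": int(f[0]), "target": f[1], "proto": f[2],
            "states": set(states.group(1).split(",")) if states else None,
            "dport": int(dport.group(1)) if dport else None,
            "iface": (iface_by_rule or {}).get(int(f[0])),
        })
    return rules

def verdict(rules, proto, state, dport=None, iface="eth0", policy="ACCEPT"):
    """Return (target, rule number) of the first matching rule, else the policy."""
    for r in rules:
        if r["proto"] not in ("all", proto):
            continue
        if r["states"] and state not in r["states"]:
            continue
        if r["dport"] is not None and r["dport"] != dport:
            continue
        if r["iface"] and r["iface"] != iface:
            continue
        return r["target"], r["num"]
    return policy, None

if __name__ == "__main__":
    as_printed = parse_rules(INPUT_CHAIN)             # rule 3 read literally
    loopback = parse_rules(INPUT_CHAIN, {3: "lo"})    # assumption: rule 3 is lo-only
    for name, rules in (("as printed", as_printed), ("rule 3 = lo", loopback)):
        for proto, state, port in (("tcp", "NEW", 22), ("tcp", "NEW", 80),
                                   ("udp", "NEW", 5353), ("icmp", "NEW", None)):
            print(name, proto, port, verdict(rules, proto, state, port))
```

On the machine itself, `iptables -L INPUT -n -v` adds the in/out interface columns and settles which of the two readings applies.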


      




More information about the fedora-list mailing list