Am Fr, den 03.09.2004 schrieb Cassius V. de Magalhaes um 14:35: > Following is the iptable's rule configuration: > "# Firewall configuration written by system-config-securitylevel > # Manual customization of this file is not recommended. > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :RH-Firewall-1-INPUT - [0:0] > -A INPUT -j RH-Firewall-1-INPUT > -A FORWARD -j RH-Firewall-1-INPUT > -A RH-Firewall-1-INPUT -i lo -j ACCEPT > -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT > -A RH-Firewall-1-INPUT -p 50 -j ACCEPT > -A RH-Firewall-1-INPUT -p 51 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited > COMMIT" > > Is it the RH-Firewall-1-INPUT a chain? Yes. > The system-config-securitylevel is so basic, could I change it manually? You can. But: "# Manual customization of this file is not recommended." So be sure you do fully understand what you are doing. Read very carefully the www.netfilter.org documentation about netfilter/iptables. If you do something wrong in the /etc/sysconfig/iptables file the whole service will not start any more, besides the risk you open up wholes in the wall. > Does the above configuration protect me from anything? From "anything"? No, certainly not. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp Serendipity 18:21:24 up 4 days, 15:38, load average: 1.65, 2.12, 1.94
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
