Re: Enable Firewall, But Allow Specific Inbound Connections

On Sat, 2005-01-29 at 20:32 -0500, Robert L Cochran wrote:
> On Fedora Core 3, I want to enable the firewall, permitting inbound TCP 
> connections from anywhere on port 80. I also want to allow inbound 
> connections on port 3306 but only from hosts 192.168.1.1 and  192.168.1.2.
> 
> It looks like I can't do this from the Applications --> System Settings 
> --> Security Level GUI. I can allow ports 80 and 3306, but it doesn't 
> look like I can limit the port 3306 connections to just 2 specific 
> hosts. I would have to craft an IPTABLES script. Am I right here, and if 
> so, what would be the right way to add specific IPTABLES rules without 
> interfering with the Security Level applet?
----
yeah - it's a very basic tool

If you want to start messing with iptables...it's not hard - I've always
used David Ranch's trinity os think stuff 

http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/c-html/stronger-firewall-examples.html#RC.FIREWALL-2.4.X-STRONGER

but basically, you can simply add rules to that which you created with
the system-config-securitylevel and then issue the command 'service
iptables save' but that is mindless...if you ever run the
system-config-securitylevel again, you will wipe out any custom stuff
you added.

I think this is how you would do one of the lines...
/sbin/iptables -A INPUT -i eth0 -s 192.168.1.1/32 -p tcp --dport 3306 -j ACCEPT

Craig
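
An added example, not part of the message above: iptables evaluates rules in order and -A appends at the end of a chain, so a rule added behind a catch-all DROP/REJECT never matches. This shell check reads iptables-save text and reports whether the port 3306 ACCEPT for a given source sits ahead of any such catch-all; both rulesets, and the chain name RH-Firewall-1-INPUT used in them, are constructed assumptions.

```shell
#!/bin/sh
# Added example. Reads iptables-save text on stdin and succeeds only if INPUT
# has an ACCEPT for tcp/3306 from SRC ahead of any unconditional DROP/REJECT,
# including one reached through an unconditional jump to a user-defined chain.
rule_before_catchall() {   # usage: rule_before_catchall SRC < ruleset
    awk -v src="$1" '
    $1 != "-A" { next }    # skip table, policy and COMMIT lines
    $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") { ends[$2] = 1 }
    $2 == "INPUT" { rule[++n] = $0 " "; if ($3 == "-j") uncond[n] = $4 }
    END {
        for (i = 1; i <= n; i++) {
            t = uncond[i]
            if (t == "DROP" || t == "REJECT" || (t != "" && (t in ends))) exit 1
            if (index(rule[i], "-s " src " ") && index(rule[i], "--dport 3306 ") &&
                index(rule[i], "-j ACCEPT ")) exit 0
        }
        exit 1
    }'
}

MYSQL_RULE='-A INPUT -s 192.168.1.1/32 -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT'

# Constructed sample: the rule appended (-A) behind the jump to a managed
# chain that ends in REJECT. The chain name is an assumption.
ruleset_appended() {
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
$MYSQL_RULE
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Constructed sample: the same rule moved to the top of INPUT (as -I INPUT 1 does).
ruleset_inserted() {
    ruleset_appended | awk -v r="$MYSQL_RULE" \
        '$0 == r { next } /^-A INPUT/ && !done { print r; done = 1 } { print }'
}

for f in ruleset_appended ruleset_inserted; do
    if $f | rule_before_catchall 192.168.1.1/32; then echo "$f: rule can match"
    else echo "$f: rule is shadowed by a catch-all"; fi
done
```

On a live host the same function can be fed from `iptables-save` after each change, once per permitted source address.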

