On Sun, 2005-01-30 at 04:53 -0500, Robert L Cochran wrote: > Gain Paolo Mureddu wrote: > > > Robert L Cochran wrote: > > > >> On Fedora Core 3, I want to enable the firewall, permitting inbound > >> TCP connections from anywhere on port 80. I also want to allow > >> inbound connections on port 3306 but only from hosts 192.168.1.1 and > >> 192.168.1.2. > >> > >> It looks like I can't do this from the Applications --> System > >> Settings --> Security Level GUI. I can allow ports 80 and 3306, but > >> it doesn't look like I can limit the port 3306 connections to just 2 > >> specific hosts. I would have to craft an IPTABLES script. Am I right > >> here, and if so, what would be the right way to add specific IPTABLES > >> rules without interfering with the Security Level applet? > >> > >> Thanks > >> > >> Bob Cochran > >> Greenbelt, Maryland, USA > >> > > I (as the other posters) will recommend you to learn iptables, and if > > you want a very easy way to configure your firewall and build *quite* > > complex per-interface rule sets, I'd strongly recommend you take a > > look at fwbuilder (there are the packages for it in the pre-extras > > repo [http://fedoraproject.org/pre-extras]) > > > Thank you. How do I implement iptables rules without interfering with > what the Security Level applet sets? > > Bob > Very simply, open up a terminal, su over to root. Add the iptables rules tgat you want. When you are finshed, service iptables save will make them permanent MC
