micheal wrote:
On Sun, 2005-01-30 at 04:53 -0500, Robert L Cochran wrote:
Thank you. I am assuming that the Security Level applet adds its own iptables rules. Is this correct? So it would drop all inbound connections on all ports to start with, and allow in only the connections I permit through the applet.
Gain Paolo Mureddu wrote:
Thank you. How do I implement iptables rules without interfering with what the Security Level applet sets?
Robert L Cochran wrote:
On Fedora Core 3, I want to enable the firewall, permitting inbound TCP connections from anywhere on port 80. I also want to allow inbound connections on port 3306 but only from hosts 192.168.1.1 and 192.168.1.2.
I (as the other posters) will recommend you to learn iptables, and if you want a very easy way to configure your firewall and build *quite* complex per-interface rule sets, I'd strongly recommend you take a look at fwbuilder (there are the packages for it in the pre-extras repo [http://fedoraproject.org/pre-extras])
It looks like I can't do this from the Applications --> System Settings --> Security Level GUI. I can allow ports 80 and 3306, but it doesn't look like I can limit the port 3306 connections to just 2 specific hosts. I would have to craft an IPTABLES script. Am I right here, and if so, what would be the right way to add specific IPTABLES rules without interfering with the Security Level applet?
Thanks
Bob Cochran Greenbelt, Maryland, USA
Bob
Very simply, open up a terminal, su over to root. Add the iptables
rules that you want.
When you are finished, service iptables save will make them permanent
MC
If I'm right about the above, then I can just do what you say: just add the new iptables rules I'm interested in, enter 'service iptables save', and they become permanent. Am I still right?
Now suppose I screwed up and made a mistake. Can I change the rules I messed up?
Thanks
Bob
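
The policy asked about in this thread (port 80 from anywhere, port 3306 only from 192.168.1.1 and 192.168.1.2), written out as an added example that is not part of any poster's message. The chain name, the backup path and the `--print`/`--apply` switches are assumptions of this sketch; `--apply` needs root and takes a snapshot first so a mistake can be rolled back.

```shell
#!/bin/sh
# Added example, not from the thread. Policy taken from the original question:
#   TCP 80 from anywhere; TCP 3306 only from 192.168.1.1 and 192.168.1.2.
WEB_PORT=80
DB_PORT=3306
DB_HOSTS="192.168.1.1 192.168.1.2"

# Print the iptables commands for the chain named in $1 (default INPUT).
# Assumption: if the Security Level applet keeps its rules in its own chain
# (often RH-Firewall-1-INPUT on Fedora/Red Hat of that era; confirm with
# "iptables -L -n --line-numbers"), pass that chain name instead.
build_rules() {
    chain="${1:-INPUT}"
    pos=1
    # -I with a position puts these ahead of any catch-all REJECT or any
    # wider "allow 3306" rule the applet may already have written.
    echo "iptables -I $chain $pos -p tcp --dport $WEB_PORT -j ACCEPT"
    for host in $DB_HOSTS; do
        pos=$((pos + 1))
        echo "iptables -I $chain $pos -p tcp -s $host --dport $DB_PORT -j ACCEPT"
    done
    pos=$((pos + 1))
    # Everyone else is dropped explicitly, so the restriction does not depend
    # on what follows in the chain.
    echo "iptables -I $chain $pos -p tcp --dport $DB_PORT -j DROP"
}

# Apply the rules as root; snapshot first so a mistake can be undone.
apply_rules() {
    backup="/root/iptables.before.$$"      # constructed path
    iptables-save > "$backup" || return 1
    if ! build_rules "$1" | sh -e; then
        iptables-restore < "$backup"       # put the previous ruleset back
        return 1
    fi
    echo "Applied. Previous rules saved in $backup."
    echo "Review with: iptables -L ${1:-INPUT} -n --line-numbers"
    echo "Persist with: service iptables save"
}

case "${1:-}" in
    --print) build_rules "${2:-}" ;;
    --apply) apply_rules "${2:-}" ;;
esac
```

Run it with `--print` first and read the four commands before using `--apply`. A single wrong rule can be removed by its number with `iptables -D <chain> <number>`, and the whole change can be undone with `iptables-restore` from the snapshot.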