On Tue, Apr 21, 2009 at 9:17 PM, Antonio Olivares <olivares14031@xxxxxxxxx> wrote: > > Dear fellow Fedora users, > > According to some users, Fedora has a default firewall that adds basic protection. There is no service "firewall", but some users have pointed out that iptables takes care of this. > > [root@localhost ~]# service iptables status > Table: filter > Chain INPUT (policy ACCEPT) > num target prot opt source destination > 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED > 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 > 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 > 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited > > Chain FORWARD (policy ACCEPT) > num target prot opt source destination > 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited > > Chain OUTPUT (policy ACCEPT) > num target prot opt source destination > > [root@localhost ~]# > > services running at boot using chkconfig > > [root@localhost ~]# chkconfig --list > NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off > acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off > akmods 0:off 1:off 2:on 3:on 4:on 5:on 6:off > anacron 0:off 1:off 2:on 3:off 4:on 5:on 6:off > atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off > bluetooth 0:off 1:off 2:off 3:on 4:on 5:on 6:off > btseed 0:off 1:off 2:off 3:off 4:off 5:off 6:off > bttrack 0:off 1:off 2:off 3:off 4:off 5:off 6:off > capi 0:off 1:off 2:off 3:off 4:off 5:off 6:off > cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off > crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off > cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off > dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off > firstboot 0:off 1:off 2:off 3:off 4:off 5:off 6:off > gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off > haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off > httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off > iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off > irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off > irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off > isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off > kerneloops 0:off 1:off 2:off 3:on 4:on 5:on 6:off > lm_sensors 0:off 1:off 2:off 3:off 4:off 5:off 6:off > mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off > messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off > microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off > multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off > netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off > netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off > netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > network 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off > nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off > nvidia 0:off 1:off 2:on 3:on 4:on 5:on 6:off > pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off > psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off > restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off > rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off > saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off > setroubleshoot 0:off 1:off 2:off 3:on 4:on 5:on 6:off > slmodemd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > smolt 0:off 1:off 2:off 3:off 4:off 5:off 6:off > snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off > winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off > wine 0:off 1:off 2:on 3:on 4:on 5:on 6:off > wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > > Which traffic if any is allowed to come in to our computers if and when we do get on the internet? > > We can use system-config-??? to configure simple iptables to change stuff around and/or get webmin? > > I know that by default Fedora provides a good basic firewall, but are there any howto's/readme's as to how to learn more about Firewalls in Fedora. > > Thanks, > > Antonio You will want system-config-firewall (or system-config-secuirtylevel that used to be the name). I'm not sure how much i can tell you until you at least try that out. -- Fedora 9 : sulphur is good for the skin ( www.pembo13.com ) -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
