Re: Border protection for Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 12 Dec 2010 05:30:23 -0800 (PST)
S Mathias <smathias1972@xxxxxxxxx> wrote:

> I have a small, simple firewall "script":
> http://pastebin.com/raw.php?i=NChRyqVu

Seems OK.  I've found through experience that limiting outgoing
connections will sometimes cause issues.  I suspect it is because the
applications are more flexible on ports than the rules allow for.

And the drop invalid runs into issues with timeout in the firewall.  If
a connection is up but inactive for over 60 seconds, the firewall drops
it, leading subsequent communication to be dropped.

> 
>  - unnecessary things in it [if it contains any, like are there
> solutions for write multiple destination ip's in one line?]
>  - missing thing, that could be in a firewall, to make it
> _SAFER/BETTER_!

Why are you using multiple destinations for the http and https rule
instead of having two different rules?

> 
> TODO's/Q's [please help!]: 
> 1) where do i have to put the "iptables-restore FROMTHEFILE" command
> [to set the firewall when e.g.: booting the pc] on Fedora?

/etc/sysconfig/iptables

Make the firewall you want and then run iptables-save and it will be
stored there.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux