Re: Question(s) default firewall in Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Apr 21, 2009 at 9:17 PM, Antonio Olivares
<olivares14031@xxxxxxxxx> wrote:
>
> Dear fellow Fedora users,
>
> According to some users, Fedora has a default firewall that adds basic protection.  There is no service "firewall", but some users have pointed out that iptables takes care of this.
>
> [root@localhost ~]# service iptables status
> Table: filter
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
> 2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
> 3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> 4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
> 5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
>
> Chain FORWARD (policy ACCEPT)
> num  target     prot opt source               destination
> 1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
>
> Chain OUTPUT (policy ACCEPT)
> num  target     prot opt source               destination
>
> [root@localhost ~]#
>
> services running at boot using chkconfig
>
> [root@localhost ~]# chkconfig --list
> NetworkManager  0:off   1:off   2:on    3:on    4:on    5:on    6:off
> acpid           0:off   1:off   2:on    3:on    4:on    5:on    6:off
> akmods          0:off   1:off   2:on    3:on    4:on    5:on    6:off
> anacron         0:off   1:off   2:on    3:off   4:on    5:on    6:off
> atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
> auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
> avahi-daemon    0:off   1:off   2:off   3:on    4:on    5:on    6:off
> bluetooth       0:off   1:off   2:off   3:on    4:on    5:on    6:off
> btseed          0:off   1:off   2:off   3:off   4:off   5:off   6:off
> bttrack         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> capi            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> cpuspeed        0:off   1:on    2:on    3:on    4:on    5:on    6:off
> crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
> cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> dnsmasq         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> firstboot       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off
> haldaemon       0:off   1:off   2:off   3:on    4:on    5:on    6:off
> httpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
> iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
> irda            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> irqbalance      0:off   1:off   2:off   3:on    4:on    5:on    6:off
> isdn            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> kerneloops      0:off   1:off   2:off   3:on    4:on    5:on    6:off
> lm_sensors      0:off   1:off   2:off   3:off   4:off   5:off   6:off
> mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
> messagebus      0:off   1:off   2:on    3:on    4:on    5:on    6:off
> microcode_ctl   0:off   1:off   2:on    3:on    4:on    5:on    6:off
> multipathd      0:off   1:off   2:off   3:off   4:off   5:off   6:off
> mysqld          0:off   1:off   2:off   3:off   4:off   5:off   6:off
> netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
> netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
> netplugd        0:off   1:off   2:off   3:off   4:off   5:off   6:off
> network         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
> nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
> nscd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ntpd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ntpdate         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> nvidia          0:off   1:off   2:on    3:on    4:on    5:on    6:off
> pcscd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
> portreserve     0:off   1:off   2:on    3:on    4:on    5:on    6:off
> psacct          0:off   1:off   2:off   3:off   4:off   5:off   6:off
> rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> restorecond     0:off   1:off   2:off   3:off   4:off   5:off   6:off
> rpcbind         0:off   1:off   2:on    3:on    4:on    5:on    6:off
> rpcgssd         0:off   1:off   2:off   3:on    4:on    5:on    6:off
> rpcidmapd       0:off   1:off   2:off   3:on    4:on    5:on    6:off
> rpcsvcgssd      0:off   1:off   2:off   3:off   4:off   5:off   6:off
> rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
> saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
> setroubleshoot  0:off   1:off   2:off   3:on    4:on    5:on    6:off
> slmodemd        0:off   1:off   2:on    3:on    4:on    5:on    6:off
> smartd          0:off   1:off   2:off   3:off   4:off   5:off   6:off
> smolt           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> snmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> udev-post       0:off   1:on    2:on    3:on    4:on    5:on    6:off
> winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> wine            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> wpa_supplicant  0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ypbind          0:off   1:off   2:off   3:off   4:off   5:off   6:off
>
>
> Which traffic if any is allowed to come in to our computers if and when we do get on the internet?
>
> We can use system-config-??? to configure simple iptables to change stuff around and/or get webmin?
>
> I know that by default Fedora provides a good basic firewall, but are there any howto's/readme's as to how to learn more about Firewalls in Fedora.
>
> Thanks,
>
> Antonio


You will want system-config-firewall (or system-config-secuirtylevel
that used to be the name). I'm not sure how much i can tell you until
you at least try that out.


-- 
Fedora 9 : sulphur is good for the skin
( www.pembo13.com )

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux