I'm afraid to say that I am a complete dunce when it comes to
configuring a firewall by hand, so I am almost totally reliant on
redhat-config-securitylevel. I currently have my security level set to
medium. However I need to allow VMware VMs to have access to Apache -
I'm a web developer and testing sites on virtual hosts in Windows
browsers is an absolute necessity.
So, what I want to do is allow access from vmnet*, so I've unchecked
"Use default firewall rules" and instead selected "Trusted devices" with
eth0 and eth1 UNSELECTED and vmnet0, vmnet1 and vmnet8 SELECTED.
Is that enough to achieve what I want - just saying that connections
from vmnet* are to be trusted? Or do I also have to select WWW (HTTP)
under "Allow incoming"? The latter sounds like it will also allow
incoming HTTP from anywhere - which I DEFINITELY don't want.
In general, from a UI point of view this tool is a little confusing:
which takes precedence - trusted device or allow incoming? If eth0 is
not selected as a trusted device but HTTP is selected for allow
incoming, and an HTTP request comes from eth0 which wins out? Similarly
if vmnet0 is selected as a trusted device but HTTP is not selected for
allow incoming and an HTTP request comes from vmnet0 what happens? -
Should I perhaps file a bug report on this?
TIA, Darren
--
=====================================================================
D. D. Brierton darren@xxxxxxxxxxx www.dzr-web.com
Trying is the first step towards failure (Homer Simpson)
=====================================================================
