Using a Simple Firewall in CentOS 6
Once it is installed then you can call the firewall with this command:
The firewall configuration tool no longer includes the SELinux settings; it takes you through a number of steps to set up the firewall. Enable the firewall, then use the Tab key to select “Customize”.
Use the space key to select the services to enable. The list is greatly expanded in the version for CentOS 6. The names come from /etc/services, a system file that maps each service name to its port. If you are wondering which port a name refers to, review that file.
If the service is not listed you can use the “Forward” button to take you through the process of entering the port number and protocol that you would like to list. Here is an example showing the port and protocol.
Once this is entered you should be able to see it listed in the interface. This provides flexibility in firewall configuration.
You can list interfaces that should be trusted. This means that the firewall will not affect these interfaces. Be careful with this setting, as it is easy to make a mistake and discover it too late. In most cases it makes sense not to trust any connections.
If you have multiple interfaces you can add rules to forward by choosing the “Add” option.
There is now also an ICMP Filter, so you can decide, for example, whether other machines can ping your server. Ping and traceroute are often not allowed because they give away information to an attacker.
Finish up the firewall configuration with any custom rules you would like to add.
Save, and the CentOS firewall should now be active.
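One way to check the result after saving, as an added example that is not from the original article: it reads a ruleset in iptables-save format and reports the opened ports with their /etc/services names, any trusted interfaces, and whether ICMP is left unfiltered. It assumes the saved rules are in /etc/sysconfig/iptables, as on a standard CentOS 6 install; the sample ruleset, eth1 and port 8080 are constructed values.

```shell
# Constructed sample in iptables-save format (the layout CentOS 6 keeps in
# /etc/sysconfig/iptables). eth1 and port 8080 are made-up values.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Interfaces (other than loopback) whose traffic is accepted with no further
# match: these are "trusted" and bypass every service rule.
trusted_interfaces() {
  awk '$1=="-A" && $2=="INPUT" && $3=="-i" && $4!="lo" && $5=="-j" && $6=="ACCEPT" && NF==6 {print $4}' "$@"
}

# Ports opened by ACCEPT rules, printed as port/protocol.
open_ports() {
  awk '$1=="-A" && $2=="INPUT" && $NF=="ACCEPT" {
         proto = ""; port = ""
         for (i = 3; i < NF; i++) {
           if ($i == "-p") proto = $(i+1)
           if ($i == "--dport") port = $(i+1)
         }
         if (port != "") print port "/" proto
       }' "$@"
}

# Succeeds when all ICMP is accepted, i.e. no ICMP filter is in effect.
icmp_unfiltered() { grep -qx -- '-A INPUT -p icmp -j ACCEPT' "$@"; }

# Name for a port/protocol pair from /etc/services, or "unlisted".
service_name() {
  awk -v k="$1" '$2 == k {print $1; f = 1; exit} END {if (!f) print "unlisted"}' /etc/services 2>/dev/null
}

# Report on the sample; pass a saved rules file to the functions to audit a host.
for p in $(sample_rules | open_ports); do echo "open: $p ($(service_name "$p"))"; done
for i in $(sample_rules | trusted_interfaces); do echo "trusted interface: $i"; done
if sample_rules | icmp_unfiltered; then echo "ICMP: all types accepted"; fi
```

To audit a real server, call the functions with the saved rules file as the argument, for example `trusted_interfaces /etc/sysconfig/iptables`.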