Introduction to Setting up a Firewall

What is a Firewall?

A firewall is simply a utility that manages network traffic to and from a machine, whether a server or a desktop. Windows users will be familiar with the proprietary firewalls available, such as Symantec, Norton or Kaspersky, which are vital for stopping unwanted processes from gaining access to their machine. The standard Linux firewall package is called iptables (also known as netfilter).

iptables allows you to define rules which specify which traffic to allow or disallow. There are three types of traffic that you can add a rule for:

  • Inbound: traffic coming from the network and destined for your computer. This is the category to use to control external attacks and is therefore the most common category where controls are applied.

  • Outbound: traffic coming from your computer and destined for somewhere on the network. This is the category to use to control the resources that users on this computer can access (normally used for things like stopping users of a PC from connecting to various external services, e.g. a network printer or a server containing sensitive data).

  • Forward: traffic coming from outside your computer and destined for somewhere on the network, but passing through your PC. This is only really relevant if your machine is set up as a network router or the like.

For each category, you can set a default policy, which can be either:

  • ACCEPT: the default is to trust all traffic OR

  • DROP: the default is to block all traffic

You can then define specific exceptions to the default to allow/restrict access to those resources required.
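
The default-policy-plus-exceptions model described above, as an added shell example (not code from the original page): build_ruleset is a hypothetical helper that prints a ruleset in iptables-restore format, mapping the Inbound, Outbound and Forward categories to the INPUT, OUTPUT and FORWARD chains. The policies and ports in the sample call are constructed.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; never touches the live firewall.

# is_policy VALUE: true only for the two default policies described above.
is_policy() { case "$1" in ACCEPT|DROP) return 0 ;; *) return 1 ;; esac; }

# is_port VALUE: true only for a decimal TCP port in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_ruleset IN_POLICY OUT_POLICY FWD_POLICY [TCP_PORT...]
# Each port becomes an inbound exception, i.e. the opposite of IN_POLICY.
# All input is validated first, so a bad value yields no partial ruleset.
build_ruleset() {
    [ "$#" -ge 3 ] || { echo "need three policies" >&2; return 1; }
    in_pol=$1; out_pol=$2; fwd_pol=$3; shift 3
    for pol in "$in_pol" "$out_pol" "$fwd_pol"; do
        is_policy "$pol" || { echo "bad policy: $pol" >&2; return 1; }
    done
    for port in "$@"; do
        is_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT $in_pol [0:0]"
    echo ":FORWARD $fwd_pol [0:0]"
    echo ":OUTPUT $out_pol [0:0]"
    exception=DROP
    if [ "$in_pol" = DROP ]; then
        exception=ACCEPT
        # Without these two, a default-DROP inbound policy also blocks local
        # services on loopback and the replies to this machine's own requests.
        echo "-A INPUT -i lo -j ACCEPT"
        echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    fi
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -j $exception"
    done
    if [ "$out_pol" = DROP ]; then
        # Same reasoning outbound: let replies to accepted connections leave.
        echo "-A OUTPUT -o lo -j ACCEPT"
        echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    fi
    echo "COMMIT"
}

# Constructed sample: block inbound by default, allow SSH and HTTPS.
build_ruleset DROP ACCEPT DROP 22 443
```

Run as root, piping the output to iptables-restore --test parses the ruleset without committing it; without --test the command replaces the current filter table.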

