Deny access to some address
Sometimes you’ll know an address that you would like to block from having any access at all to your server. You can do that by creating the rc.firewall.blocked file under the “/etc/rc.d/” directory and uncommenting the following lines in your firewall rules script file:
Configuration of the “/etc/rc.d/init.d/firewall” script file for the Gateway Server
This is the configuration script file for our Gateway Server. This configuration allows unlimited traffic on the Loopback interface, ICMP, DNS Server and Client (53), SSH Server and Client (22), HTTP Server and Client (80), HTTPS Server and Client (443), POP Client (110), NNTP NEWS Client (119), SMTP Server and Client (25), IMAP Server (143), IRC Client (6667), ICQ Client (4000), FTP Client (20, 21), RealAudio / QuickTime Client, and OUTGOING TRACEROUTE requests by default.
Build a kernel with Firewall Masquerading and Forwarding support
Once again, the first thing you need to do is ensure that your kernel has been built with Network Firewall support and Firewalling enabled. In the 2.2.14 kernel version you need to ensure that you have answered Y to the following questions:
Networking options:
Networking Firewall with Masquerading and Forwarding support. Overview
Contrary to the example configurations in Chapter 7, configuring a Linux Server to masquerade and forward traffic generally from the inside private network that has unregistered IP addresses (i.e. 192.168.1.0/24) to the outside network (i.e. the Internet) requires a special setup of your kernel and of your firewall configuration script file.
Configuration of the “/etc/rc.d/init.d/firewall” script file for the Mail Server
This is the configuration script file for our Mail Server. This configuration allows unlimited traffic on the Loopback interface, ICMP, DNS Server and Client (53), SSH Server (22), SMTP Server and Client (25), IMAP server (143), and OUTGOING TRACEROUTE requests by default.
If you don’t want some of the services that I turn ON by default in the firewall rules file for the Mail Server, comment them out with a “#” at the beginning of the line. If you want some other services that I commented out with a “#”, then remove the “#” at the beginning of their lines.