Configuring the SUSE Firewall


If you connect to the Internet, even with a modem and dial-up connection, you need a firewall to protect you from attack. Fortunately, SUSE Linux includes an excellent firewall to help you. In YaST, go to Security and Users and click the Firewall module to start the process.

The first screen in this wizard (see Figure 23.2) asks for the interfaces you want to protect.

Figure 23.2. Select your LAN interface and Internet interface on this screen.


The External Interface is your Internet connection. The Internal Interface is your LAN card. Use the drop-down menu to select or change an interface from the default. Click Next to continue.

The second wizard page (see Figure 23.3) is used mainly for systems with active server components that need ports open to communicate with their clients. If you are using a web server (Apache or similar), a mail server, or any other server on the list, check the appropriate box.

Figure 23.3. Open ports for any servers on this screen.


Note

If you install a server package through YaST Network Services, the install wizard will always ask you to open the firewall so the server can function properly.


If an Internet application needs a specific port opened, you can click the Expert button to open that port.

Caution

Anytime you open a port in your firewall, remember that every open port is a "hole" you are drilling, and an attacker can come through it. There are always good reasons for opening a port. Make sure you have a good reason before you drill the hole.


Click Next to continue.

The Features page comes up next. Going with the defaults here is usually best. If this machine is only going to be a router, check the Forward Traffic and Do Masquerading box. If you want other computers on your LAN to have only the same access to services on your computer that the rest of the Internet has, check Protect from Internal Network.

The last screen sets what information the firewall logs contain. Unless you are trying to troubleshoot a specific problem, it's a bad idea to log every packet, or even every dropped packet: the volume buries the entries that matter. Stick to the defaults here. Click Finish to activate the firewall.

The configuration file adds a script to the boot process so the firewall loads each time you boot. To turn off the firewall, reopen the module and select Stop Firewall and Remove from Boot Process.
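To review what the wizard saved, the following added example (not from the book) lists the externally open ports, any log-everything switches, and the router settings. It assumes the settings live in /etc/sysconfig/SuSEfirewall2 under the variable names the SuSEfirewall2 package uses, which can differ between releases; the sample configuration is constructed.

```shell
#!/bin/sh
# Added example: review the settings the firewall wizard saved.
# SAMPLE_CONF is constructed; on a real system pass /etc/sysconfig/SuSEfirewall2.
SAMPLE_CONF='FW_DEV_EXT="eth0"
FW_DEV_INT="eth1"
FW_SERVICES_EXT_TCP="ssh http 8080"
FW_SERVICES_EXT_UDP=""
FW_ROUTE="no"
FW_MASQUERADE="no"
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_ALL="yes"
'

# fw_get FILE NAME: print the value assigned to NAME (last assignment wins).
# The file is parsed with sed rather than sourced, so nothing in it is executed.
fw_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# fw_audit FILE: print one line per setting worth a second look.
fw_audit() {
    conf=$1
    # Every entry here is a port reachable from the external (Internet) interface.
    for var in FW_SERVICES_EXT_TCP FW_SERVICES_EXT_UDP; do
        for port in $(fw_get "$conf" "$var"); do
            echo "OPEN  $var: $port (confirm a server still needs it)"
        done
    done
    # The *_ALL switches log every packet of that class, not just critical ones.
    for var in FW_LOG_DROP_ALL FW_LOG_ACCEPT_ALL; do
        if [ "$(fw_get "$conf" "$var")" = "yes" ]; then
            echo "LOG   $var=yes (logs every packet of that class)"
        fi
    done
    # Forwarding and masquerading are expected only when the machine is a router.
    if [ "$(fw_get "$conf" FW_ROUTE)" = "yes" ] ||
       [ "$(fw_get "$conf" FW_MASQUERADE)" = "yes" ]; then
        echo "ROUTE forwarding or masquerading is enabled"
    fi
}

tmp=$(mktemp)
printf '%s' "$SAMPLE_CONF" > "$tmp"
fw_audit "$tmp"
rm -f "$tmp"
```

An empty report means no external ports are open, the log-everything switches are off, and the machine is not forwarding traffic.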



SUSE Linux 10 Unleashed
ISBN: 0672327260
EAN: 2147483647
Year: 2003
Pages: 332
