Hi, I'm using the generic system-config-securitylevel-tui program on a remote server to configure my firewall. So far it's been fairly decent, allowing me to open up ports and whatnot. But I want to start blocking a couple of outgoing ports on my machine. I want to lock it down so the only traffic going in our out of my machine is stuff that I specify. Is there a way to do this with the system-config-securitylevel program? If not, what do you recommend I use to configure the firewall? thanks, ajay
> Hi, > > I'm using the generic system-config-securitylevel-tui program on a > remote server to configure my firewall. So far it's been fairly decent, > allowing me to open up ports and whatnot. But I want to start blocking > a couple of outgoing ports on my machine. I want to lock it down so the > only traffic going in our out of my machine is stuff that I specify. > > Is there a way to do this with the system-config-securitylevel program? > If not, what do you recommend I use to configure the firewall? > > thanks, > ajayI've never seen a way block outbound ports using the config tool. If you are comfortable with the iptables syntax, you could edit /etc/sysconfig/iptables to your liking and then restart the iptables service. ~Dan
On Sat, 29 Oct 2005, Ajay Sharma wrote:> Hi, > > I'm using the generic system-config-securitylevel-tui program on a remote > server to configure my firewall. So far it's been fairly decent, allowing me > to open up ports and whatnot. But I want to start blocking a couple of > outgoing ports on my machine. I want to lock it down so the only traffic > going in our out of my machine is stuff that I specify. > > Is there a way to do this with the system-config-securitylevel program? IfNot that I am aware of.> not, what do you recommend I use to configure the firewall?There are a couple of other programs available. I prefer firewall builder. Others will suggest programs like shorewall, firestarter, gShield, etc.. Regards, Tom
On Sunday 30 October 2005 01:15 am, Ajay Sharma wrote:> Hi, > > I'm using the generic system-config-securitylevel-tui program on a > remote server to configure my firewall. So far it's been fairly decent, > allowing me to open up ports and whatnot. But I want to start blocking > a couple of outgoing ports on my machine. I want to lock it down so the > only traffic going in our out of my machine is stuff that I specify. > > Is there a way to do this with the system-config-securitylevel program? > If not, what do you recommend I use to configure the firewall? > > thanks, > ajayAll these will work: firestarter http://www.fs-security.com/ shorewall http://www.shorewall.net/ kmyfirewall http://kmyfirewall.sourceforge.net/ guarddog http://www.simonzone.com/software/guarddog/ fwbuilder http://www.fwbuilder.org/ But I strongly recommend firestarter for the job you are talking about. THe documentation is good ( http://www.fs-security.com/docs/policy-page.php ), and you'll have it configured in ten minutes.