Chapter 7. Basic Firewall Configuration

Just as a firewall in a building attempts to prevent a fire from spreading, a computer firewall attempts to prevent computer viruses from spreading to your computer and to prevent unauthorized users from accessing your computer. A firewall exists between your computer and the network. It determines which services on your computer remote users on the network can access. A properly configured firewall can greatly increase the security of your system. It is recommended that you configure a firewall for any Red Hat Linux system with an Internet connection.

During the Firewall Configuration screen of the Red Hat Linux installation, you were given the option to choose a high, medium, or no security level as well as allow specific devices, incoming services, and ports. These levels are based on the GNOME Lokkit firewall configuration application.

After installation, you can change the security level of your system by using GNOME Lokkit.

GNOME Lokkit allows you to configure firewall settings for an average user by constructing basic ipchains networking rules. Instead of having to write the rules, this program asks you a series of questions about how you use your system and then writes it for you in the file /etc/sysconfig/ipchains.

You should not try to use GNOME Lokkit to generate complex firewall rules. It is intended for average users who want to protect themselves while using a modem, cable, or DSL Internet connection. To configure specific firewall rules, refer to the Firewalling with iptables chapter in the Official Red Hat Linux Reference Guide.

To disable specific services and deny specific hosts and users, refer to Chapter 8.

To start GNOME Lokkit, type the command gnome-lokkit at a shell prompt as root. If you do not have the X Window System installed or if you prefer a text-based program, use the command lokkit to start the text-mode version of GNOME Lokkit.


Figure 7-1. Basic

After starting the program, choose the appropriate security level for your system: