path: root/docs/installer/en/firewall.xml
blob: d363e1979f0589300637d8896f2f8d5b772efb13 (plain)
<?xml version='1.0' encoding='UTF-8'?><section xmlns="http://docbook.org/ns/docbook" xmlns:ns5="http://www.w3.org/1998/Math/MathML" xmlns:ns4="http://www.w3.org/2000/svg" xmlns:ns3="http://www.w3.org/1999/xhtml" xmlns:ns2="http://www.w3.org/1999/xlink" xmlns:ns="http://docbook.org/ns/docbook" xml:id="firewall" version="5.0">
  <info>
    <title xml:id="firewall-ti1">Firewall</title>
  </info>

  <para xml:id="firewall-pa1" revision="1">This section lets you configure
  some simple firewall rules: they determine which types of message from the
  Internet will be accepted by the target system. This, in turn, allows the
  corresponding services on the system to be accessible from the
  Internet.</para>

  <para>In the default setting, no button is checked - no service of the
  system is accessible from the network. The "<emphasis>Everything (no
  firewall)</emphasis>" button has a particular role: it enables access to all
  services of the machine - an option that does not make much sense in the
  context of the installer since it would create a totally unprotected system.
  Its real use is in the context of the Mageia Control Center (which uses
  the same GUI layout) for temporarily disabling the entire set of firewall
  rules for testing and debugging purposes.</para>

  <para>All other checkbuttons are more or less self-explanatory. As an
  example, check the "CUPS server" button if you want printers on
  your machine to be accessible from the network.</para>

  <para><emphasis role="bold">Advanced</emphasis></para>

  <para>The set of checkbuttons only comprises the most common services. The
  "<emphasis>Advanced</emphasis>" button lets you enable messages that
  correspond to a service for which no checkbutton exists. It opens a window
  where you can enable a series of services by typing a blank-separated list
  of pairs of the form:</para>

  <para><emphasis>&lt;port-number>/&lt;protocol></emphasis></para>

  <simplelist>
    <member>- <emphasis>&lt;port-number></emphasis> is the value of the
    port assigned to the service you want to enable (e.g. 873 for the RSYNC
    service) as defined in <emphasis>RFC-433</emphasis>;</member>

    <member>- <emphasis>&lt;protocol></emphasis> is one of
    <emphasis>TCP</emphasis> or <emphasis>UDP</emphasis> - the internet
    protocol that is used by the service.</member>
  </simplelist>

  <para>For instance, the entry for enabling access to the RSYNC service
  is <emphasis>873/tcp</emphasis>.</para>

  <para>If a service is implemented to use both protocols, specify two
  pairs for the same port.</para>
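
  <para>The following checker for a list typed into the Advanced window is an
  added example, not code from the installer or the Mageia project. It assumes
  ports are decimal numbers from 1 to 65535 and that the protocol name is
  matched case-insensitively; the function names are hypothetical.</para>

```python
"""Validate a blank-separated list of port-number/protocol pairs (added example)."""

ALLOWED_PROTOCOLS = ("tcp", "udp")  # the page names TCP and UDP only


def parse_pairs(text):
    """Return (accepted, rejected).

    accepted: sorted list of unique (port, protocol) tuples
    rejected: list of (token, reason) in input order
    """
    accepted, rejected = set(), []
    for token in text.split():  # pairs are separated by blanks
        port_s, sep, proto = token.partition("/")
        proto = proto.lower()  # assumption: case does not matter
        if not sep:
            rejected.append((token, "missing /protocol"))
        elif not (port_s.isascii() and port_s.isdigit()):
            rejected.append((token, "port is not a decimal number"))
        elif int(port_s) not in range(1, 65536):
            rejected.append((token, "port outside 1-65535"))
        elif proto not in ALLOWED_PROTOCOLS:
            rejected.append((token, "protocol must be tcp or udp"))
        else:
            accepted.add((int(port_s), proto))
    return sorted(accepted), rejected


def single_protocol_ports(accepted):
    """Ports opened for only one protocol; a service using both needs two pairs."""
    seen = {}
    for port, proto in accepted:
        seen.setdefault(port, set()).add(proto)
    return sorted(p for p, protos in seen.items() if len(protos) == 1)


if __name__ == "__main__":
    # Constructed sample input, as it might be typed into the Advanced window.
    sample = "873/tcp 53/tcp 53/udp 70000/tcp 22/sctp 8080 873/TCP"
    ok, bad = parse_pairs(sample)
    print("accepted:", " ".join(f"{p}/{q}" for p, q in ok))
    for token, reason in bad:
        print(f"rejected: {token} ({reason})")
    print("single-protocol ports:", single_protocol_ports(ok))
```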
</section>