blob: 03575331737058eab3879449ecf26a0264c3418b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Firewall</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.75.2">
<link rel="home" href="index.html" title="Installation with DrakX">
<link rel="up" href="index.html" title="Installation with DrakX">
<link rel="prev" href="securityLevel.html" title="Security Level">
<link rel="next" href="installUpdates.html" title="Updates"><style xmlns="http://www.w3.org/TR/xhtml1/transitional" type="text/css">
<!--
body { font-family: sans-serif; font-size: 13px }
table { font-family: sans-serif; font-size: 13px }
--></style></head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div lang="" class="section" title="Firewall">
<div class="titlepage">
<div>
<div>
<h2 class="title"><a name="firewall"></a>Firewall
</h2>
</div>
</div>
</div>
<p><a name="firewall-pa1"></a>This section allows to configure
some simple firewall rules: they determine which type of message from the
Internet will be accepted by the target system. This, in turn, allows the
corresponding services on the system to be accessible from the
Internet.
</p>
<p>In the default setting, no button is checked - no service of the
system is accessibly from the network. The "<span class="emphasis"><em>Everything (no
firewall)</em></span>" button has a particular role: it enables access to all
services of the machine - an option that does not make much sense in the
context of the installer since it would create a totally unprotected system.
Its veritable use is in the context of the Mageia Control Center (which uses
the same GUI layout) for temporarily disabling the entire set of firewall
rules for testing and debugging purposes.
</p>
<p>All other checkbuttons are more or less self-explanatory. As an
example, you will check the "CUPS server" button if you want printers on
your machine to be accessible from the network.
</p>
<p><span class="bold"><strong>Advanced</strong></span></p>
<p>The set of checkbuttons only comprises the most common services. The
"Advanced" button allows to enable messages that correspond to a service for
which no checkbutton exists. The "<span class="emphasis"><em>Advanced</em></span>" button
opens a window where you can enable a series of services by typing a list of
couples (blank separated)
</p>
<p><span class="emphasis"><em><port-number>/<protocol></em></span></p>
<table border="0" summary="Simple list" class="simplelist">
<tr>
<td>- <span class="emphasis"><em><port-number></em></span> is the value of the
port assigned to the service you want to enable (e.g. 873 for the RSYNC
service) as defined in <span class="emphasis"><em>RFC-433</em></span>;
</td>
</tr>
<tr>
<td>- <span class="emphasis"><em><protocol></em></span> is one of
<span class="emphasis"><em>TCP</em></span> or <span class="emphasis"><em>UDP</em></span> - the internet
protocol that is used by the service.
</td>
</tr>
</table>
<p>For instance, the entry for enabling access to the RSYNC service
therefore is <span class="emphasis"><em>873/tcp</em></span>.
</p>
<p>In case a service is implemented to use both protocols, you specify 2
couples for the same port.
</p>
</div>
</body>
</html>
|
