1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Global control of firewalling: Principles</TITLE>
<LINK HREF="control-2.html" REL=next>
<LINK HREF="control.html#toc1" REL=contents>
</HEAD>
<BODY>
<A HREF="control-2.html">Next</A>
Previous
<A HREF="control.html#toc1">Contents</A>
<HR>
<H2><A NAME="s1">1. Principles</A></H2>
<P>Linux firewall controls IP packets at they are entering, flowing
through and exiting the machine. Each step is controlled by a set
of rules. We have the <EM>input</EM>, <EM>forward</EM>, and <EM>output</EM> rules.
<P>Each rule set is configured independantly and may be enabled independantly.
Even if a rule set if configured, it may be turned off in the current
dialog, generally for testing purpose.
<P>
<H2><A NAME="ss1.1">1.1 Firewall integrity</A>
</H2>
<P>If you enable one rule set, <EM>Linuxconf</EM> assumes it is in charge
of the firewall and will make sure it is current (the kernel state
match the configuration) every time you exit from Linuxconf (this is
interactive, so you will notice).
<P>If you do not enable any rule set, then you are on your own. This means
you can use any tool you want to handle this task.
<P>
<HR>
<A HREF="control-2.html">Next</A>
Previous
<A HREF="control.html#toc1">Contents</A>
</BODY>
</HTML>
|
