<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Firewalling and packets accounting: The logic of firewalling with linuxconf</TITLE>
<LINK HREF="firewall-4.html" REL=next>
<LINK HREF="firewall-2.html" REL=previous>
<LINK HREF="firewall.html#toc3" REL=contents>
</HEAD>
<BODY>
<A HREF="firewall-4.html">Next</A>
<A HREF="firewall-2.html">Previous</A>
<A HREF="firewall.html#toc3">Contents</A>
<HR>
<H2><A NAME="s3">3. The logic of firewalling with linuxconf</A></H2>
<P>Firewalling in <EM>Linux</EM> is highly flexible and can be very
complicated. <EM>Linuxconf</EM> proposes a simple logic that simplifies
the composition of firewalling rules. While this logic helps
create and maintain a basic firewall, some configurations cannot
be created with linuxconf. Here is the logic:
<P>
<H2><A NAME="ss3.1">3.1 Positive logic</A>
</H2>
<P>When you activate one of the three firewalling systems
(input, forward, output), <EM>Linuxconf</EM> sets the default policy
to <EM>deny</EM>. Every rule you enter is therefore a hole, or opening, in the
firewall. If you enter no rules, your machine will be pretty much
isolated, answering nothing.
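<P>The positive logic described above, modelled as a short Python example. This is an added illustration, not linuxconf code: the <EM>Hole</EM> and <EM>Firewall</EM> names, the rule fields and the sample addresses are hypothetical, and treating a non-activated system as accepting everything is an assumption.

```python
"""Model of "positive logic": an activated firewalling system denies by
default, and every rule is a hole. Illustration only, not linuxconf code."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

CHAINS = ("input", "forward", "output")

@dataclass(frozen=True)
class Hole:
    """One accept rule (hypothetical fields): an opening in the firewall."""
    proto: str                     # "tcp", "udp" or "icmp"
    src: str = "0.0.0.0/0"         # source network allowed through
    dst: str = "0.0.0.0/0"         # destination network allowed through
    dport: Optional[int] = None    # None means any destination port

    def matches(self, proto, src, dst, dport):
        return (proto == self.proto
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == dport))

class Firewall:
    def __init__(self):
        # None = system not activated. Assumption: packets are then accepted,
        # since nothing has set a deny policy on that system.
        self.rules = {chain: None for chain in CHAINS}

    def activate(self, chain):
        """Activation sets the policy to deny and starts with no holes."""
        self.rules[chain] = []

    def open_hole(self, chain, hole):
        if self.rules[chain] is None:
            raise ValueError(f"{chain} firewalling is not activated")
        self.rules[chain].append(hole)

    def verdict(self, chain, proto, src, dst, dport=None):
        holes = self.rules[chain]
        if holes is None:
            return "accept"
        # No rule can deny: a packet passes only if some hole matches it.
        hit = any(h.matches(proto, src, dst, dport) for h in holes)
        return "accept" if hit else "deny"

if __name__ == "__main__":
    fw = Firewall()
    fw.activate("input")                      # constructed sample traffic below
    print(fw.verdict("input", "tcp", "192.168.1.10", "192.168.1.1", 22))
```

Run as written it prints the verdict for an activated input system with no rules: the machine answers nothing until a hole is opened.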
<P>
</BODY>
</HTML>