Firewall your Fedora

Jack Wallen
Jun 13, 2010
Updated • Jan 16, 2013
Linux
|
2

If you are new to Fedora, or if you are now returning to Fedora from a long haitus (since Fedora 9 for me), Fedora 13 has been a welcoming experience. Not only has it reached near-Ubuntu-like levels of user-friendliness, it includes some of the best tools around for certain jobs. One of those tools is the Firewall tool. For Fedora 13 the firewalling tool is system-config-firewall, release 1.2.25. But what is system-config-firewall? To put it simply, this tool is a graphical means of creating firewall rules for your Fedora installation. Now, don't think this tool is new to Fedora 13 - it's not. But it is installed by default and actually makes creating a firewall quite easy, even for new users.

In this article I will introduce you to the Fedora firewall tool and show you how to secure your Linux distribution quickly and reliably.

Two ways to success

There are two ways to configure the firewall tool to meet your needs. The first method is manually. You can decide what to leave open and what to close up. The other method is with the help of a very easy to use Wizard. What these choices do is allow the system to be useful for both new and seasoned users alike.

What I really like about this tool is that it doesn't take anything for granted. It allows you decide what interfaces, services, ports are all trusted; it allows you to create your own custom rules, do port forwarding, and masquerading. This tool is pretty fantastic and will keep your desktop secure. Now, let's see how this thing works.

The Wizard

Figure 1

The Wizard is where every new user should start. But before you get to the Wizard you actually have to start the tool. To do this click System > Administration > Firewall and the main window will open. From this main window click on the Wizard button to begin the process of creating your firewall.

The steps of the Wizard are as follows:

Step 1: Welcome screen (just click Foward).

Step 2: Select the system you ahve (System with Network access or system without network access).

Step 3: User skill level (Beginner or Expert).

Step 4: Configuration (Desktop or Server).

After you have completed the Wizard click the Apply button on the main window to complete the process. This will clear your current firewall and apply the settings the Wizard has created. Only problem? The wizard really didn't do much as far as customization for your needs. In order to really customize your firewall you have to step outside the boundaries of the wizard. Let's do that.

If you look at the main window you can see there is a number of options you can select. If you find the only option in the left pane that is available is Trusted Services, that means you have selected Beginner level. In order to access the other features (Other Ports, Trusted Interfaces, etc) you will have to set yourself up as an Expert by clicking Options > User Skill Level > Expert. Once you have done that all the other options will be available.

At this point you simply need to walk through all of the possible options and select the following:

  • Trusted Services: Which services do you want to be made available to hosts and networks.
  • Other Ports: Here you can open up any port listed in /etc/services.
  • Trusted Interfaces: If you have more than one NIC on your machine this will be especially handy. Define internal and external network interfaces and refine what each has open.
  • Masquerading: Need to hide an entire range of private IP address behind a single public address? You might need to configure masquerading.
  • Port Forwarding: If you need to configure the host machine to forward a port request to another machine, this is where you do it.
  • ICMP Filter: Here you configure error messages between computers. You can block things like ping requests here.
  • Custom Rules: This is where you can add your very own custom rules to your firewall. We will discuss this further in another article.

Once you have made any changes make sure you click the Apply button in order to apply the changes.

Final thoughts

That's pretty much the gist of the Fedora Firewall tool. We will take this further soon with an article on creating your own customized rules with this tool. Until then, enjoy hardening your Fedora box with this easy to use firewall tool.

Advertisement

Related content

Privacy is Sexy: custom privacy scripts for Windows, Linux and macOS
linux mint 21.2

Linux Mint 21.2 has been released: here is what is new
How to fix blank page issue in Vivaldi, Brave and Chrome in Linux Mint

Chromium based browsers are not loading pages properly on Linux, here's how to fix it

iVentoy: boot and install operating systems on multiple machines over the network

Linux 6.3 offers improved security and functionality for users
The newest Linux 6.2 includes M1 chip support for Mac users, but it is still not fully functional, finished, or ready for primetime use. 

Ubuntu 23.04 Final is out with these changes

Previous Post: «
Next Post: «

Comments

  1. Bob Smith said on June 14, 2010 at 6:41 am
    Reply

    This is a lot. I am going to “Instapaper” this.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Ghacks Newsletter Sign Up

Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2023 - All rights reserved