Product SiteDocumentation Site

18.2. Firewall

The firewall built into Fedora Core checks every incoming and outgoing network connection on your machine against a set of rules. These rules specify which types of connections are permitted and which are denied.
By default the firewall is enabled, with a simple set of rules that allow connections to be made from your system to others, but permit only network browsing and SSH (Secure SHell) connections from other systems. You may make changes on this screen to allow access to specific network services on your Fedora Core system.
Firewall screen.
Figure 18.3. Firewall Screen

To enable access to the services listed on this screen, click the check box next to the service name.

SSH Provides Immediate Remote Access

All Fedora Core systems automatically run the SSH remote access service, and the default firewall configuration allows connections to this service. The default configuration ensures that administrators have immediate remote access to new systems through the user and root accounts.
To enable access to other services, select Other ports, and Add the details. Use the Port(s) field to specify either the port number, or the registered name of the service. Select the relevant Protocol from the drop-down. The majority of services use the TCP protocol.

The Services List

The /etc/services file lists service port numbers and names that are registered with the Internet Assigned Names Authority (IANA).
If a service uses more than one port number, enter each port. For example, an IMAP service enables users to access their e-mail from another system through TCP port 143. To permit IMAP connections to your system, add imap or port number 143.
Avoid disabling the firewall. If you believe that it is necessary to do so, select No firewall.

Changing the Firewall Settings

To change these settings later, choose SystemAdministrationSecurity Level and Firewall.