In previous chapters we covered the firewall located in the router or cable modem and viewed this as the first line of defense protecting your Linux system from outside attack. In this chapter we will be looking at the second line of defense – the firewall on your Linux system.
During the installation of your Linux system you will have been asked a number of questions about the security settings you wanted to select. At the time you may not have understood what these settings meant, or you may not recall which settings you chose. In this chapter we will explore how to configure the security settings of your Linux system.
The lokkit command
The lokkit command can be run at any time to change the security settings of the firewall installed on your system. To run this command you must first log in as root or use the “su” command.
If you are already super user on your Linux system, start the lokkit command directly; from a non-super user account, use the su command to run it.
The lokkit command allows you to either enable or disable the firewall. The first step, if it is not already enabled, is to enable it. Use the “Tab” key to move around and the “Space” key to make a selection.
The second step is to configure the firewall. Use the Tab key to move to the “Configure” button and press the “Space” key.
On the configuration screen simply select the service types that you want to support. Based on your selections lokkit will configure the firewall to allow access to the appropriate ports. The services listed are HTTP, FTP, SSH, Telnet and Mail (SMTP). You can also specify other ports you wish to open on the firewall in the “other ports” section.
The lokkit command also provides the option of specifying trusted devices on the “Configure” screen. In summary, it is possible to have more than one network device installed on a Linux system. In this scenario it might be that one device is connected to a trusted and secure network while the other is connected to a network that is connected to the outside world in some way (perhaps through a router or firewall to a broadband connection). The firewall feature allows you to disable the firewall settings for any connections coming in from the device connected to the trusted or secure network while applying the firewall rules to the device connected to the untrusted network.
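
The service selection and the trusted device setting described above can be pictured as a packet filter ruleset. The following is an added example, not lokkit's own code or output: the functions service_port and build_rules, the chain layout and the interface name eth1 are assumptions made for illustration, and the rules are written in iptables-restore format.

```shell
#!/bin/sh
# Added example, not lokkit's own output: the chain layout is an assumption.

# Map a service name from the configuration screen to its well-known TCP port.
service_port() {
    case "$1" in
        http)   echo 80 ;;
        ftp)    echo 21 ;;   # control channel only
        ssh)    echo 22 ;;
        telnet) echo 23 ;;
        smtp)   echo 25 ;;
        *)      return 1 ;;
    esac
}

# build_rules TRUSTED_IF SERVICE...   (pass "" when no device is trusted)
# Prints a ruleset in iptables-restore format on stdout.
build_rules() {
    trusted=$1; shift
    # Reject odd interface names so they cannot smuggle extra rule text in.
    case "$trusted" in
        *[!A-Za-z0-9._-]*) echo "bad interface: $trusted" >&2; return 1 ;;
    esac
    # Validate every service first so a typo never yields a partial ruleset.
    for svc in "$@"; do
        service_port "$svc" >/dev/null || { echo "unknown service: $svc" >&2; return 1; }
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Trusted device: accept everything arriving on that interface.
    if [ -n "$trusted" ]; then
        printf '%s\n' "-A INPUT -i $trusted -j ACCEPT"
    fi
    # Every other device: only new connections to the selected services.
    for svc in "$@"; do
        printf '%s\n' "-A INPUT -p tcp -m tcp --dport $(service_port "$svc") -m state --state NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Constructed sample: eth1 faces the trusted network; SSH and HTTP are offered.
build_rules eth1 ssh http
```

The single rule for the trusted device sits ahead of the per-service rules, so nothing arriving on that interface is filtered; it is worth confirming which device really faces the trusted network before marking it.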