The
firewall built into Fedora Core checks every
incoming and outgoing network connection on your machine against a
set of rules. These rules specify which types of connections are
permitted and which are denied.
By default the firewall is enabled, with a simple set of rules
that allow connections to be made from your system to others, but
permit only network browsing and
SSH (Secure SHell) connections from other systems. You may make
changes on this screen to allow access to specific network
services on your Fedora system.
To enable access to the services listed on this screen, click the
check box next to the service name.
|
SSH Provides Immediate Remote Access |
All Fedora systems automatically run the SSH remote access
service. The default firewall configuration allows connections
to this service, to ensure that administrators have immediate
remote access to new systems through the user and
root accounts.
|
To enable access to other services, select
Other
ports
, and
Add
the details. Use
the
Port(s)
field to specify either the port
number, or the registered name of the service. Select the relevant
Protocol
from the drop-down. The majority of
services use the TCP protocol.
|
The Services List |
The services file on every system lists the
port numbers and names of services that are registered with the
Internet Assigned Names Authority (IANA). Fedora systems hold
this file in the directory /etc .
|
If a service uses more than one port number, enter each port. For
example, an IMAP service enables users to access their e-mail from
another system with either a standard connection to TCP port 143,
or with an encrypted connection to TCP port 993. To permit IMAP
connections to your system, add
imap
or
port number
143
, and
imaps
, or port number
993
, for IMAP with SSL encryption.
Avoid disabling the firewall. If you believe that it is necessary
to do so, select
No firewall
.
|
Changing the Firewall Settings |
To change these settings later, choose
->
->
.
|