Configuring firewall

Support for security such as Firewalls and securing linux
Post Reply
maxime
Posts: 25
Joined: 2005/11/10 08:04:38

Configuring firewall

Post by maxime » 2005/11/21 10:49:49

hello,

I want to configure my firewall with centos. So i used graphical interface in order to open which port i need. But i'd like to open these ports for only some IP.
How i can do that ?

Thanks.

w5set
Posts: 73
Joined: 2005/11/20 05:37:31

Re: Configuring firewall

Post by w5set » 2005/11/21 23:18:55

add them in
/etc/hosts.allow
if you have "unfriendlies" (with fixed IP's) add them to /etc/hosts.deny
or if you just want to mess with someone add them to hosts.deny too!--hi--hi
you can include/exclude whole IP ranges here too.

ftanner
Posts: 67
Joined: 2005/10/19 15:38:00

Configuring firewall

Post by ftanner » 2005/12/01 16:09:16

[quote]
maxime wrote:
hello,

I want to configure my firewall with centos. So i used graphical interface in order to open which port i need. But i'd like to open these ports for only some IP.
How i can do that ?

Thanks.[/quote]

I have a post in the security section that you might be interested in.

Scott_
Posts: 2
Joined: 2006/01/04 20:26:23
Contact:

Re: Configuring firewall

Post by Scott_ » 2006/01/05 05:01:12

Hello I have the similar issue, Could someone tell me what needs to be added to the hosts.allow file to open a port? Do I just need to add the port number or is there some other code that needs added?

cohcon
Posts: 2
Joined: 2005/12/08 15:48:57

Re: Configuring firewall

Post by cohcon » 2006/01/06 15:23:35

Could you please email a copy or download link to isadmin@deaconesshomecare.com?

Thank you,
Conn

ftanner
Posts: 67
Joined: 2005/10/19 15:38:00

Re: Configuring firewall

Post by ftanner » 2006/01/09 15:54:09

[quote]
cohcon wrote:
Could you please email a copy or download link to isadmin@deaconesshomecare.com?

Thank you,
Conn[/quote]

Do you mean this to me?

nfowar
Posts: 4
Joined: 2006/03/11 20:58:41

Re: Configuring firewall

Post by nfowar » 2006/03/11 21:16:57

The "firewall" GUI is indeed pretty limited. You can only "open" ports globally there. The /etc/hosts file is not such a good idea IMHO, because not all services read this file. You should take a look at the IPTables documentation and tutorials at http://www.netfilter.org and add use a custom iptables command to unblock the port. A good place for this is in /etc/rc.local.

Post Reply

Return to “CentOS 4 - Security Support”