Personal Firewalls
After the necessary network services are configured, it is important to implement a firewall.
You should configure the necessary services and implement a firewall before connecting to the Internet or any other network that you do not trust.
Firewalls prevent network packets from accessing the system's network interface. If a request is made to a port that is blocked by a firewall, the request is ignored. If a service is listening on one of these blocked ports, it does not receive the packets and is effectively disabled. For this reason, care should be taken when configuring a firewall to block access to ports not in use, while not blocking access to ports used by configured services.
For most users, the best tool for configuring a simple firewall is the graphical firewall configuration tool which ships with Community Enterprise Linux: the Security Level Configuration Tool (system-config-securitylevel). This tool creates broad iptables rules for a general-purpose firewall using a control panel interface.
Refer to "Basic Firewall Configuration" for more information about using this application and its available options.
For advanced users and server administrators, manually configuring a firewall with iptables is probably a better option. Refer to "Firewalls" for more information. Refer to "IPTables" for a comprehensive guide to the iptables command.
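The following added example (not part of the original guide) checks the point made above about blocking unused ports without cutting off configured services: it compares the TCP ports a host listens on with the ports its INPUT chain accepts. The rule dump and port list are constructed samples, the function names are hypothetical, and the script assumes a default-DROP INPUT policy and single-port `--dport` rules only.

```shell
#!/bin/sh
# Added example: find services hidden by the firewall and ports left open
# with nothing listening. All sample data below is constructed.

# Constructed sample in iptables-save format, INPUT policy DROP.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT'

# Constructed list of TCP ports with a listening service, one per line.
SAMPLE_LISTEN='22
443'

# accepted_ports RULES: print TCP destination ports accepted on INPUT.
accepted_ports() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
            tcp = 0
            for (i = 3; i < NF; i++) if ($i == "-p" && $(i+1) == "tcp") tcp = 1
            for (i = 3; i < NF; i++) if (tcp && $i == "--dport") print $(i+1)
        }' | sort -n
}

# audit RULES LISTEN: report mismatches between the two port sets.
#   BLOCKED-SERVICE: a service listens but the firewall drops its traffic.
#   OPEN-UNUSED:     the firewall accepts a port no service is using.
audit() {
    allowed=$(accepted_ports "$1")
    for p in $2; do
        printf '%s\n' "$allowed" | grep -qx "$p" ||
            echo "BLOCKED-SERVICE $p"
    done
    for p in $allowed; do
        printf '%s\n' "$2" | grep -qx "$p" ||
            echo "OPEN-UNUSED $p"
    done
}

audit "$SAMPLE_RULES" "$SAMPLE_LISTEN"
```

On a live system the first argument would be the output of iptables-save; rule ordering, port ranges and multiport matches are not evaluated here.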