Installation guide
Chapter 7.
Basic Firewall Configuration
Just as a firewall in a building attempts to prevent a fire from spreading, a computer fire-
wall attempts to prevent computer viruses from spreading to your computer and to prevent
unauthorized users from accessing your computer. A firewall exists between your computer
and the network. It determines which services on your computer remote users on the net-
work can access. A properly configured firewall can greatly increase the security of your
system. It is recommended that you configure a firewall for any Red Hat Linux system with
an Internet connection.
During the Firewall Configuration screen of the Red Hat Linux installation, you were given
the option to choose a high, medium, or no security level as well as allow specific devices,
incoming services, and ports. These levels are based on the GNOME Lokkit firewall config-
uration application.
After installation, you can change the security level of your system by using GNOME
Lokkit.
GNOME Lokkit allows you to configure firewall settings for an average user by construct-
ing basic ipchains networking rules. Instead of having to write the rules, this program asks
you a series of questions about how you use your system and then writes it for you in the
file /etc/sysconfig/ipchains.
You should not try to use GNOME Lokkit to generate complex firewall rules. It is intended
for average users who want to protect themselves while using a modem, cable, or DSL In-
ternet connection. To configure specific firewall rules, refer to the Firewalling with iptables
chapter in the Official Red Hat Linux Reference Guide.
To disable specific services and deny specific hosts and users, refer to Chapter 8.
To start GNOME Lokkit, type the command gnome-lokkit at a shell prompt as root. If you
do not have the X Window System installed or if you prefer a text-based program, use the
command lokkit to start the text-mode version of GNOME Lokkit.